Amazon Selling Partner API 开发笔记
资料整理
1.sp-api介绍:https://developer.amazonservices.com/
2.github文档:https://github.com/amzn/selling-partner-api-docs
3.github代码:https://github.com/amzn/selling-partner-api-models
开发准备
1. 登录亚马逊卖家账号申请SP-API开发评估表
注意:角色上后3项不要勾上,可以少填很多信息
2. 根据 github文档 注册 AWS,文档写的挺不错,可以多去尝试
3. 申请通过后添加新的App客户端,类型选SP API,IAM ARN 可以填写AWS IAM User ARN (arn:aws:iam::0000000000000:user/XXXXX) 或 AWS IAM Role ARN (arn:aws:iam::0000000000000:role/XXXXX)
开发代码
1. 通过 AWS IAM User 调用
只创建AWS IAM User ARN,不创建角色,直接把策略加到User下,这样做不符合规范,但可以少调一次接口
访问级别和访问资源都可以
LWAAuthorizationCredentials lwaAuthorizationCredentials = new LWAAuthorizationCredentials { // 相关值App客户端增加后就会有 ClientId = "amzn1.application-XXX-client.XXXXXXXXXXXXXXXXXXXXXXX", ClientSecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", RefreshToken = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", Endpoint = new Uri("https://api.amazon.com/auth/o2/token") }; RestClient client = new RestClient("https://sellingpartnerapi-na.amazon.com"); // 获取订单列表 RestRequest request = new RestRequest("/orders/v0/orders", Method.GET); request.AddQueryParameter("MarketplaceIds", "A2EUQ1WTGCTBG2"); request.AddQueryParameter("CreatedAfter", "2020-12-01T00:00:00Z"); LWAAuthorizationSigner auth = new LWAAuthorizationSigner(lwaAuthorizationCredentials); auth.Sign(request); AWSAuthenticationCredentials aws = new AWSAuthenticationCredentials(); // 相关值为AWS IAM增加User后下载的cvs aws.AccessKeyId = "XXXXXXXXXXXXXXXXXXX"; aws.SecretKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"; aws.Region = "us-east-1"; AWSSigV4Signer signer = new AWSSigV4Signer(aws); signer.Sign(request, client.BaseUrl.Host); var resp = client.Execute(request);
2. 通过 AWS IAM Role 调用
通过 Github 上创建 AWS IAM User和 AWS IAM Role,这样做符合规范,但要多调一次接口(STS)
角色和人员是通过角色的信任关系关联,创建角色是配置了Root。
// 相关值为AWS IAM增加User后下载的cvs var accessKey = "XXXXXXXXXXXXXXXXXXX"; var secretKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"; var credentials = new BasicAWSCredentials(accessKey, secretKey); var client = new AmazonSecurityTokenServiceClient(credentials); var assumeRoleRequest = new AssumeRoleRequest() { // AWS IAM Role ARN DurationSeconds = 3600, RoleArn = "arn:aws:iam::0000000000000:role/XXXXXXXX", RoleSessionName = DateTime.Now.Ticks.ToString() }; AssumeRoleResponse assumeRoleResponse = await client.AssumeRoleAsync(assumeRoleRequest); RestClient restClient = new RestClient("https://sellingpartnerapi-na.amazon.com"); IRestRequest restRequest = new RestRequest("/orders/v0/orders", Method.GET); restRequest.AddQueryParameter("CreatedAfter", "2020-12-01T00:00:00Z"); restRequest.AddQueryParameter("marketplaceIds", "ATVPDKIKX0DER"); var lwaAuthCreds = new LWAAuthorizationCredentials { // 相关值App客户端增加后就会有 ClientId = "amzn1.application-XXX-client.XXXXXXXXXXXXXXXXXXXXXXX", ClientSecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", RefreshToken = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", Endpoint = new Uri("https://api.amazon.com/auth/o2/token") }; restRequest = new LWAAuthorizationSigner(lwaAuthCreds).Sign(restRequest); var awsAuthCreds = new AWSAuthenticationCredentials { AccessKeyId = assumeRoleResponse.Credentials.AccessKeyId, SecretKey = assumeRoleResponse.Credentials.SecretAccessKey, Region = "us-east-1" }; restRequest.AddHeader("X-Amz-Security-Token", assumeRoleResponse.Credentials.SessionToken); restRequest = new AWSSigV4Signer(awsAuthCreds) .Sign(restRequest, restClient.BaseUrl.Host); var resp = restClient.Execute(restRequest);