Use Powershell to get book metadata from Amazon

Question

I want to use the Amazon Product Advertising API to create a Web Request with Powershell which submits the ISBN / ANSI number and returns the Book Metadata. (Title, Author,...)

So far I have createt a Account to geht the AssociateTag, AWSAccessKeyId and AWS Secret Key. With this Information I am able to create a signed WebRequest on the Test Page, which works perfect. http://associates-amazon.s3.amazonaws.com/scratchpad/index.html

Now my question is, how to create this WebRequest with Powershell and sign the "String-to-Sign" with my Sec Key?

The Documentation http://docs.amazonwebservices.com/AWSECommerceService/latest/DG/rest-signature.html shows, that the we need to generate a HMAC-SHA256 Hash key wich will be add to the WebRequest. But I were not able to create such a hash...

**
$AwsSecKey = "1234567890"

$string = "GET
webservices.amazon.com
/onca/xml
AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&ItemId=0679722769&Operation=I
temLookup&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReview
s&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&
Version=2009-01-06"

$hmacsha = New-Object System.Security.Cryptography.HMACSHA256
$hmacsha.key = [Text.Encoding]::ASCII.GetBytes($key)
$signature = $hmacsha.ComputeHash([Text.Encoding]::ASCII.GetBytes($string))
$sig = [string]::join("", ($signature | % {([int]$_).toString('x2')}))
**

Hope somebody could help me out with this...

Thanks, Andreas

Answer 1

The library pointed to by Zach is probably your best bet. But you are on the right track, I think the only piece you have wrong is that to construct the final hash string, you need to do

$sig = [Convert]::ToBase64String($signature)

Answer 2

In addition to latkin's comment you should build your string with new line characters or your signature will not match Amazon's signature. Here is an example I got to match the signature at Amazon Product Scatchpad.

$amazonserver="webservices.amazon.com"
$linebreak="`n"
$AWSAccessKey = "2345678"
$AssociateTag = "1234567" 
$secretkey = "1234567890"
$url = "/onca/xml"
$ItemID = "0679722769"
$timestamp = "2012-10-19T15%3A34%3A33.000Z"

$urlparams = "AWSAccessKeyId=" + $AWSAccessKey + "&AssociateTag=" + $AssociateTag + "&Condition=All&IdType=ASIN&ItemId=" + $ItemID + "&Operation=ItemLookup&ResponseGroup=Images%2CItemAttributes%2COffers&Service=AWSECommerceService&Timestamp=" + $timestamp + "&Version=2011-08-01"
#write-host "Urlparams=$urlparams"
$stringtosign="GET" + $linebreak + $amazonserver + $linebreak + $url + $linebreak + $urlparams
#write-host "stringtosign=$stringtosign"
#Results from Amazon Products Scratchpad, http://associates-amazon.s3.amazonaws.com/scratchpad/index.html
$test="GET
webservices.amazon.com
/onca/xml
AWSAccessKeyId=2345678&AssociateTag=1234567&Condition=All&IdType=ASIN&ItemId=0679722769&Operation=ItemLookup&ResponseGroup=Images%2CItemAttributes%2COffers&Service=AWSECommerceService&Timestamp=2012-10-19T15%3A34%3A33.000Z&Version=2011-08-01"
#Write-Host $test
$testsig ="9oGX%2Fs8K5ww6CLkAGYLPCiLPAp5kdEBYyBwzOF7fXZI%3D"

$hmacsha = New-Object System.Security.Cryptography.HMACSHA256
$hmacsha.key = [Text.Encoding]::ASCII.GetBytes($secretkey)
$signature = $hmacsha.ComputeHash([Text.Encoding]::ASCII.GetBytes($stringtosign))
#$sig = [string]::join("", ($signature | % {([int]$_).toString('x2')}))
#$sig
$sig = [Convert]::ToBase64String($signature)
$sig
Add-Type -AssemblyName System.Web
$encoded = [System.Web.HttpUtility]::UrlEncode($sig)
$encoded
$testsig -match $encoded

Answer 3

Have you seen the Product Advertising API Signed Request Sample Code - C# REST/Query code on the AWS site?

It contains a C# SignedRequestHelper class which could be used directly in your PowerShell, or possibly help bridge the gap in AWS request signing.

Good luck!

Zach