Here is some javascript code to sign requests for the Amazon Product Advertising API in Google Sheets. This uses
v2 of Amazon's signing process, so you can adopt it to use other AWS services. It uses Google's Utilities service
to handle the crypto. The URI encoding also needs to be strict (see this article).
function fixedEncodeURIComponent(str) {
return encodeURIComponent(str).replace(/[!'()*]/g, function (c) {
return "%" + c.charCodeAt(0).toString(16);
});
}
function AwsSigner() {
this.accessKey = "youraccesskey";
this.secretKey = "yoursecretkey";
this.associateId = "yourassociateid";
this.host = "webservices.amazon.com";
this.method = "GET";
this.endpoint = "http://webservices.amazon.com/onca/xml";
this.path = "/onca/xml";
this.service = "AWSECommerceService";
this.version = "2013-08-01";
this.date = new Date().toISOString();
}
AwsSigner.prototype.url = function (params) {
this.params = params;
signature = this.signature(this.stringToSign());
return (
this.endpoint +
"?" +
this.queryString() +
"&Signature=" +
fixedEncodeURIComponent(signature)
);
};
AwsSigner.prototype.signature = function (value) {
return Utilities.base64Encode(
Utilities.computeHmacSha256Signature(
value,
this.secretKey,
Utilities.Charset.UTF_8
)
);
};
AwsSigner.prototype.stringToSign = function () {
return (
this.method +
"\n" +
this.host +
"\n" +
"/onca/xml" +
"\n" +
this.queryString()
);
};
AwsSigner.prototype.queryString = function () {
str = "AWSAccessKeyId=" + this.accessKey;
this.params["AssociateTag"] = this.associateId;
this.params["Timestamp"] = this.date;
this.params["Version"] = this.version;
var params = this.params;
Object.keys(params)
.sort()
.forEach(function (k) {
str += "&" + k + "=" + fixedEncodeURIComponent(params[k]);
});
return str;
};
var signer = new AwsSigner();
var url = signer.url({
ItemId: "SOMEASIN",
Operation: "ItemLookup",
ResponseGroup: "ItemAttributes",
});