From 1d6bc692a6f8dd511e1e8c5547ff699bafc5a9b8 Mon Sep 17 00:00:00 2001
From: Galen Charlton <gmcharlt@gmail.com>
Date: Thu, 13 Aug 2009 08:55:25 -0400
Subject: [PATCH] bug 3204: followup to fix AWS request signing

[1] There were some ersataz spaces in the string
    being signed.
[2] AWS expects a trailing '=' in the Base64 signature

Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
---
 C4/External/Amazon.pm | 24 ++++++++++--------------
 1 file changed, 10 insertions(+), 14 deletions(-)

diff --git a/C4/External/Amazon.pm b/C4/External/Amazon.pm
index 734ea68d36..afd819a886 100644
--- a/C4/External/Amazon.pm
+++ b/C4/External/Amazon.pm
@@ -102,7 +102,7 @@ sub get_amazon_details {
     my %hformat = ( a => 'Books', g => 'Video', j => 'Music' );
     my $search_index = $hformat{ substr($record->leader(),6,1) } || 'Books';
 
-	my $parameters={Service=>"AWSECommerceService" ,
+    my $parameters={Service=>"AWSECommerceService" ,
         "AWSAccessKeyId"=> C4::Context->preference('AWSAccessKeyID') ,
         "Operation"=>"ItemLookup", 
         "AssociateTag"=>  C4::Context->preference('AmazonAssocTag') ,
@@ -111,12 +111,12 @@ sub get_amazon_details {
         "IdType"=>$id_type,
         "ResponseGroup"=>  join( ',',  @aws ),
         "Timestamp"=>strftime("%Y-%m-%dT%H:%M:%SZ", gmtime)
-		};
-	$$parameters{"SearchIndex"} = $search_index if $id_type ne 'ASIN';
-	my @params;
-	while (my ($key,$value)=each %$parameters){
-		push @params, qq{$key=}.uri_escape($value, "^A-Za-z0-9\-_.~" );
-	}
+    };
+    $$parameters{"SearchIndex"} = $search_index if $id_type ne 'ASIN';
+    my @params;
+    while (my ($key,$value)=each %$parameters){
+        push @params, qq{$key=}.uri_escape($value, "^A-Za-z0-9\-_.~" );
+    }
 
     my $url =qq{http://webservices.amazon}.  get_amazon_tld(). 
         "/onca/xml?".join("&",sort @params).qq{&Signature=}.uri_escape(SignRequest(@params),"^A-Za-z0-9\-_.~" );
@@ -132,14 +132,10 @@ sub get_amazon_details {
 }
 
 sub SignRequest{
-	my @params=@_;
+    my @params=@_;
     my $tld=get_amazon_tld(); 
-    my $string = qq{ 
-GET 
-webservices.amazon$tld 
-/onca/xml 
-}.join("&",sort @params);
- 	return hmac_sha256_base64($string,C4::Context->preference('AWSPrivateKey'));
+    my $string = qq{GET\nwebservices.amazon$tld\n/onca/xml\n} . join("&",sort @params);
+    return hmac_sha256_base64($string,C4::Context->preference('AWSPrivateKey')) . '=';
 }
 
 sub check_search_inside {
-- 
2.39.5