From 719280216fd85fc925611e533e28d944583e8afa Mon Sep 17 00:00:00 2001 From: Henri-Damien LAURENT Date: Tue, 7 Jul 2009 15:44:26 +0200 Subject: [PATCH] bug 3204: implement request signing for Amazon Web Services After 2009-08-15, Amazon Web Services will expect that all requests to the Product Advertising API, which is what Koha uses for retrieving reviews and other enhanced content from Amazon, include signatures. This patch and subsequenct patches implement this functionality. What this means in practice (assuming the user has elected to use any enhanced content from Amazon) is that [1] The user must get a Amazon Secret Access Key. This can be done by logging in to the user's AWS account at (e.g.) http://aws.amazon.com/, going to the 'Access Identifiers' page, and from there retrieving and/or creating a new Secret Access Key. [2] The contents of the Secret Access Key should then be entered into the new AWSPrivateKey system preference. Once that is done, grabbing reviews and table of contents from Amazon should work as normal. If the user doesn't do this before 2009-08-15, reviews and TOCs will no longer be supplied from Amazon, although there should be no crashes - the content will simply not show up. Note that the requirement to sign requests does *NOT* appear to apply to simply displaying book covers from Amazon. Signed-off-by: Galen Charlton Signed-off-by: Henri-Damien LAURENT --- C4/External/Amazon.pm | 91 ++++++++++--------- Makefile.PL | 2 + install_misc/debian-lenny.packages | 1 + .../data/mysql/en/mandatory/sysprefs.sql | 1 + .../unimarc_standard_systemprefs.sql | 3 +- 5 files changed, 51 insertions(+), 47 deletions(-) diff --git a/C4/External/Amazon.pm b/C4/External/Amazon.pm index 41076cf3a5..734ea68d36 100644 --- a/C4/External/Amazon.pm +++ b/C4/External/Amazon.pm @@ -21,6 +21,10 @@ use XML::Simple; use LWP::Simple; use LWP::UserAgent; use HTTP::Request::Common; +use C4::Koha; +use URI::Escape; +use POSIX; +use Digest::SHA qw(hmac_sha256_base64); use strict; use warnings; @@ -86,51 +90,37 @@ sub get_amazon_details { # warn "ISBN: $isbn | UPC: $upc | EAN: $ean"; - my ( $id_type, $item_id); - if (defined($isbn) && length($isbn) == 13) { # if the isbn is 13-digit, search Amazon using EAN - $id_type = 'EAN'; - $item_id = $isbn; - } - elsif ($isbn) { - $id_type = 'ASIN'; - $item_id = $isbn; - } - elsif ($upc) { - $id_type = 'UPC'; - $item_id = $upc; - } - elsif ($ean) { - $id_type = 'EAN'; - $item_id = $upc; - } - else { # if no ISBN, UPC, or EAN exists, do not even attempt to query Amazon - return undef; - } - - my $format = substr $record->leader(), 6, 1; # grab the item format to determine Amazon search index - my $formats; - $formats->{'a'} = 'Books'; - $formats->{'g'} = 'Video'; - $formats->{'j'} = 'Music'; - - my $search_index = $formats->{$format}; - - # Determine which content to grab in the request - - # Determine correct locale - my $tld = get_amazon_tld(); - - # grab the AWSAccessKeyId: mine is '0V5RRRRJZ3HR2RQFNHR2' - my $aws_access_key_id = C4::Context->preference('AWSAccessKeyID'); - - #grab the associates tag: mine is 'kadabox-20' - my $af_tag=C4::Context->preference('AmazonAssocTag'); - my $response_group = "Similarities,EditorialReview,Reviews,ItemAttributes,Images"; - my $url = "http://ecs.amazonaws$tld/onca/xml?Service=AWSECommerceService&AWSAccessKeyId=$aws_access_key_id&Operation=ItemLookup&AssociateTag=$af_tag&Version=2007-01-15&ItemId=$item_id&IdType=$id_type&ResponseGroup=$response_group"; - if ($id_type ne 'ASIN') { - $url .= "&SearchIndex=$search_index"; - } - # warn $url; + # Choose the appropriate and available item identifier + my ( $id_type, $item_id ) = + defined($isbn) && length($isbn) == 13 ? ( 'EAN', $isbn ) : + $isbn ? ( 'ASIN', $isbn ) : + $upc ? ( 'UPC', $upc ) : + $ean ? ( 'EAN', $upc ) : ( undef, undef ); + return unless defined($id_type); + + # grab the item format to determine Amazon search index + my %hformat = ( a => 'Books', g => 'Video', j => 'Music' ); + my $search_index = $hformat{ substr($record->leader(),6,1) } || 'Books'; + + my $parameters={Service=>"AWSECommerceService" , + "AWSAccessKeyId"=> C4::Context->preference('AWSAccessKeyID') , + "Operation"=>"ItemLookup", + "AssociateTag"=> C4::Context->preference('AmazonAssocTag') , + "Version"=>"2009-06-01", + "ItemId"=>$item_id, + "IdType"=>$id_type, + "ResponseGroup"=> join( ',', @aws ), + "Timestamp"=>strftime("%Y-%m-%dT%H:%M:%SZ", gmtime) + }; + $$parameters{"SearchIndex"} = $search_index if $id_type ne 'ASIN'; + my @params; + while (my ($key,$value)=each %$parameters){ + push @params, qq{$key=}.uri_escape($value, "^A-Za-z0-9\-_.~" ); + } + + my $url =qq{http://webservices.amazon}. get_amazon_tld(). + "/onca/xml?".join("&",sort @params).qq{&Signature=}.uri_escape(SignRequest(@params),"^A-Za-z0-9\-_.~" ); + my $content = get($url); warn "could not retrieve $url" unless $content; my $xmlsimple = XML::Simple->new(); @@ -141,6 +131,17 @@ sub get_amazon_details { return $response; } +sub SignRequest{ + my @params=@_; + my $tld=get_amazon_tld(); + my $string = qq{ +GET +webservices.amazon$tld +/onca/xml +}.join("&",sort @params); + return hmac_sha256_base64($string,C4::Context->preference('AWSPrivateKey')); +} + sub check_search_inside { my $isbn = shift; my $ua = LWP::UserAgent->new( diff --git a/Makefile.PL b/Makefile.PL index d97a996cb5..63bc820eb7 100644 --- a/Makefile.PL +++ b/Makefile.PL @@ -548,6 +548,7 @@ WriteMakefile( 'Date::ICal' => 1.72, 'Date::Manip' => 5.44, 'Digest::MD5' => 2.36, + 'Digest::SHA' => 5.43, 'Email::Date' => 1.103, 'File::Temp' => 0.16, 'GD' => 2.39, #optional @@ -598,6 +599,7 @@ WriteMakefile( 'Time::HiRes' => 1.86, 'Time::localtime' => 1.02, 'Unicode::Normalize' => 0.32, + 'URI::Escape' => 1.36, 'XML::Dumper' => 0.81, 'XML::LibXML' => 1.59, 'XML::LibXSLT' => 1.59, diff --git a/install_misc/debian-lenny.packages b/install_misc/debian-lenny.packages index c1a5ccceb3..2095e1922d 100644 --- a/install_misc/debian-lenny.packages +++ b/install_misc/debian-lenny.packages @@ -29,6 +29,7 @@ libdbd-mysql-perl install libdbd-mysql-perl install libdbd-sqlite3-perl install libdbi-perl install +libdigest-sha-perl install libemail-date-perl install libemail-date-perl install libgcrypt11-dev install diff --git a/installer/data/mysql/en/mandatory/sysprefs.sql b/installer/data/mysql/en/mandatory/sysprefs.sql index a8fe3e7bc2..80de4f634a 100644 --- a/installer/data/mysql/en/mandatory/sysprefs.sql +++ b/installer/data/mysql/en/mandatory/sysprefs.sql @@ -214,3 +214,4 @@ INSERT INTO systempreferences (variable,value,explanation,options,type) VALUES(' INSERT INTO systempreferences (variable,value,explanation,options,type) VALUES('MergeAuthoritiesOnUpdate', '1', 'if ON, Updating authorities will automatically updates biblios',NULL,'YesNo'); INSERT INTO systempreferences (variable,value,explanation,options,type) VALUES('RenewalPeriodBase', 'date_due', 'Set whether the renewal date should be counted from the date_due or from the moment the Patron asks for renewal ','date_due|now','Choice'); INSERT INTO `systempreferences` ( `variable` , `value` , `options` , `explanation` , `type` ) VALUES ( 'AllowNotForLoanOverride', '0', '', 'If ON, Koha will allow the librarian to loan a not for loan item.', 'YesNo'); +INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('AWSPrivateKey','','See: http://aws.amazon.com','','free'); diff --git a/installer/data/mysql/fr-FR/1-Obligatoire/unimarc_standard_systemprefs.sql b/installer/data/mysql/fr-FR/1-Obligatoire/unimarc_standard_systemprefs.sql index aed2a4c944..cec62efdf4 100644 --- a/installer/data/mysql/fr-FR/1-Obligatoire/unimarc_standard_systemprefs.sql +++ b/installer/data/mysql/fr-FR/1-Obligatoire/unimarc_standard_systemprefs.sql @@ -216,5 +216,4 @@ INSERT INTO systempreferences (variable,value,explanation,options,type) VALUES(' INSERT INTO systempreferences (variable,value,explanation,options,type) VALUES('AllowNotForLoanOverride', '0', 'Si activé, permet au bibliothécaire de choisir de prêter tout de même un exemplaire normalement exclu du prêt',NULL,'YesNo'); INSERT INTO systempreferences (variable,value,explanation,options,type) VALUES('RenewalPeriodBase', 'date_due', 'Permet de déterminer si la période de renouvellement doit être calculée sur la date de retour ou sur le jour du renouvellement','date_due|now','Choice'); INSERT INTO `systempreferences` (variable,value,options,explanation,type) VALUES ('OPACDisplayRequestPriority','0','','Afficher l\'ordre des réservation pour les adhérents à l\'opac','YesNo'); - - +INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('AWSPrivateKey','','See: http://aws.amazon.com','','free'); -- 2.39.5