fix bug in authorization #123

Author: abuzuhri

Source/FikaAmazonAPI.SampleCode/Program.cs

@@ -39,9 +39,10 @@ static async Task Main(string[] args)
             {
                 AccessKey = config.GetSection("MWSAmazonAPI:AccessKey").Value,
                 SecretKey = config.GetSection("MWSAmazonAPI:SecretKey").Value,
+                RoleArn = config.GetSection("MWSAmazonAPI:RoleArn").Value,
                 ClientId = config.GetSection("MWSAmazonAPI:ClientId").Value,
                 ClientSecret = config.GetSection("MWSAmazonAPI:ClientSecret").Value,
-                MarketPlace = MarketPlace.GetMarketPlaceByID(config.GetSection("FikaAmazonAPI:MarketPlaceID").Value),
+                MarketPlace = MarketPlace.GetMarketPlaceByID(config.GetSection("MWSAmazonAPI:MarketPlaceID").Value),
                 IsActiveLimitRate = true
             });
             var code = codeAmazonConnection.Authorization.GetAuthorizationCode(new Parameter.Authorization.ParameterAuthorizationCode()

Source/FikaAmazonAPI/AmazonSpApiSDK/Models/Token/CacheTokenData.cs

@@ -7,7 +7,6 @@ public class CacheTokenData
         protected TokenResponse NormalAccessToken { get; set; }
         protected TokenResponse PIIAccessToken { get; set; }
         protected TokenResponse GrantlessAccessToken { get; set; }
-        protected TokenResponse MigrationAccessToken { get; set; }
         protected AWSAuthenticationTokenData AWSAuthenticationTokenData { get; set; }
 
         public AWSAuthenticationTokenData GetAWSAuthenticationTokenData()
@@ -35,10 +34,6 @@ public TokenResponse GetToken(TokenDataType tokenDataType)
             {
                 token = GrantlessAccessToken;
             }
-            else if (tokenDataType == TokenDataType.MigrationOnly)
-            {
-                token = MigrationAccessToken;
-            }
             if (token == null)
                 return null;
             else
@@ -66,18 +61,13 @@ public void SetToken(TokenDataType tokenDataType, TokenResponse token)
             {
                 GrantlessAccessToken = token;
             }
-            else if (tokenDataType == TokenDataType.MigrationOnly)
-            {
-                MigrationAccessToken = token;
-            }
         }
 
         public enum TokenDataType
         {
             Normal,
             PII,
-            Grantless,
-            MigrationOnly
+            Grantless
         }
 
 

Source/FikaAmazonAPI/Services/AuthorizationService.cs

@@ -16,7 +16,7 @@ public string GetAuthorizationCode(ParameterAuthorizationCode parameterGetOrderM
         public async Task<string> GetAuthorizationCodeAsync(ParameterAuthorizationCode parameter)
         {
             var param = parameter.getParameters();
-            await CreateAuthorizedRequestAsync(AuthorizationsApiUrls.GetAuthorizationCode, RestSharp.Method.GET, param, tokenDataType: TokenDataType.MigrationOnly);
+            await CreateAuthorizedRequestAsync(AuthorizationsApiUrls.GetAuthorizationCode, RestSharp.Method.GET, param, tokenDataType: TokenDataType.Grantless);
 
             var response = await ExecuteRequestAsync<GetAuthorizationCodeResponse>(Utils.RateLimitType.Authorization_GetAuthorizationCode);
             if (response != null && response.Payload != null)

Source/FikaAmazonAPI/Services/RequestService.cs

@@ -102,7 +102,7 @@ protected void CreateAuthorizedPagedRequest(AmazonFilter filter, string url, Res
         {
             RestHeader();
             AddAccessToken();
-            Request = await TokenGeneration.SignWithSTSKeysAndSecurityTokenAsync(Request, RequestClient.BaseUrl.Host, AmazonCredential, rateLimitType == RateLimitType.Authorization_GetAuthorizationCode);
+            Request = await TokenGeneration.SignWithSTSKeysAndSecurityTokenAsync(Request, RequestClient.BaseUrl.Host, AmazonCredential);
             var response = await RequestClient.ExecuteAsync<T>(Request);
             SleepForRateLimit(response.Headers, rateLimitType);
             ParseResponse(response);

Source/FikaAmazonAPI/Services/TokenGeneration.cs

@@ -21,29 +21,21 @@ public static class TokenGeneration
 
         public static async Task<TokenResponse> RefreshAccessTokenAsync(AmazonCredential credentials, TokenDataType tokenDataType = TokenDataType.Normal)
         {
-            if (tokenDataType == TokenDataType.MigrationOnly)
+            var lwaCredentials = new LWAAuthorizationCredentials()
             {
-                var accessToken = await GetAccessTokenForSPAPIMigration(credentials.ClientId, credentials.ClientSecret);
-                return accessToken;
-            }
-            else
-            {
-                var lwaCredentials = new LWAAuthorizationCredentials()
-                {
-                    ClientId = credentials.ClientId,
-                    ClientSecret = credentials.ClientSecret,
-                    Endpoint = new Uri(Constants.AmazonToeknEndPoint),
-                    RefreshToken = credentials.RefreshToken,
-                    Scopes = null
-                };
-                if (tokenDataType == TokenDataType.Grantless)
-                    lwaCredentials.Scopes = new List<string>() { ScopeConstants.ScopeMigrationAPI, ScopeConstants.ScopeNotificationsAPI };
-
-                var Client = new LWAClient(lwaCredentials);
-                var accessToken = await Client.GetAccessTokenAsync();
-
-                return accessToken;
-            }
+                ClientId = credentials.ClientId,
+                ClientSecret = credentials.ClientSecret,
+                Endpoint = new Uri(Constants.AmazonToeknEndPoint),
+                RefreshToken = credentials.RefreshToken,
+                Scopes = null
+            };
+            if (tokenDataType == TokenDataType.Grantless)
+                lwaCredentials.Scopes = new List<string>() { ScopeConstants.ScopeMigrationAPI, ScopeConstants.ScopeNotificationsAPI };
+
+            var Client = new LWAClient(lwaCredentials);
+            var accessToken = await Client.GetAccessTokenAsync();
+
+            return accessToken;
         }
 
         public static async Task<TokenResponse> GetAccessTokenForSPAPIMigration(string ClientId, string ClientSecret)
@@ -70,60 +62,47 @@ public static async Task<TokenResponse> GetAccessTokenForSPAPIMigration(string C
             return JsonConvert.DeserializeObject<TokenResponse>(data);
         }
 
-        public static async Task<IRestRequest> SignWithSTSKeysAndSecurityTokenAsync(IRestRequest restRequest, string host, AmazonCredential amazonCredential, bool isMigration = false)
+        public static async Task<IRestRequest> SignWithSTSKeysAndSecurityTokenAsync(IRestRequest restRequest, string host, AmazonCredential amazonCredential)
         {
-            if (isMigration)
+            var dataToken = amazonCredential.GetAWSAuthenticationTokenData();
+            if (dataToken == null)
             {
+                AssumeRoleResponse response1 = null;
+                using (var STSClient = new AmazonSecurityTokenServiceClient(amazonCredential.AccessKey, amazonCredential.SecretKey))
+                {
+                    var req = new AssumeRoleRequest()
+                    {
+                        RoleArn = amazonCredential.RoleArn,
+                        DurationSeconds = 3600,
+                        RoleSessionName = Guid.NewGuid().ToString()
+                    };
+
+                    response1 = await STSClient.AssumeRoleAsync(req, new CancellationToken());
+                }
+
+                //auth step 3
                 var awsAuthenticationCredentials = new AWSAuthenticationCredentials
                 {
-                    AccessKeyId = amazonCredential.AccessKey,
-                    SecretKey = amazonCredential.SecretKey,
+                    AccessKeyId = response1.Credentials.AccessKeyId,
+                    SecretKey = response1.Credentials.SecretAccessKey,
                     Region = amazonCredential.MarketPlace.Region.RegionName
                 };
-                return new AWSSigV4Signer(awsAuthenticationCredentials)
-                                .Sign(restRequest, host);
-            }
-            else
-            {
-                var dataToken = amazonCredential.GetAWSAuthenticationTokenData();
-                if (dataToken == null)
+
+                amazonCredential.SetAWSAuthenticationTokenData(new AWSAuthenticationTokenData()
                 {
-                    AssumeRoleResponse response1 = null;
-                    using (var STSClient = new AmazonSecurityTokenServiceClient(amazonCredential.AccessKey, amazonCredential.SecretKey))
-                    {
-                        var req = new AssumeRoleRequest()
-                        {
-                            RoleArn = amazonCredential.RoleArn,
-                            DurationSeconds = 3600,
-                            RoleSessionName = Guid.NewGuid().ToString()
-                        };
-
-                        response1 = await STSClient.AssumeRoleAsync(req, new CancellationToken());
-                    }
-
-                    //auth step 3
-                    var awsAuthenticationCredentials = new AWSAuthenticationCredentials
-                    {
-                        AccessKeyId = response1.Credentials.AccessKeyId,
-                        SecretKey = response1.Credentials.SecretAccessKey,
-                        Region = amazonCredential.MarketPlace.Region.RegionName
-                    };
+                    AWSAuthenticationCredential = awsAuthenticationCredentials,
+                    SessionToken = response1.Credentials.SessionToken,
+                    Expiration = response1.Credentials.Expiration
+                });
+                dataToken = amazonCredential.GetAWSAuthenticationTokenData();
+            }
 
-                    amazonCredential.SetAWSAuthenticationTokenData(new AWSAuthenticationTokenData()
-                    {
-                        AWSAuthenticationCredential = awsAuthenticationCredentials,
-                        SessionToken = response1.Credentials.SessionToken,
-                        Expiration = response1.Credentials.Expiration
-                    });
-                    dataToken = amazonCredential.GetAWSAuthenticationTokenData();
-                }
 
+            restRequest.AddOrUpdateHeader(RequestService.SecurityTokenHeaderName, dataToken.SessionToken);
 
-                restRequest.AddOrUpdateHeader(RequestService.SecurityTokenHeaderName, dataToken.SessionToken);
+            return new AWSSigV4Signer(dataToken.AWSAuthenticationCredential)
+                            .Sign(restRequest, host);
 
-                return new AWSSigV4Signer(dataToken.AWSAuthenticationCredential)
-                                .Sign(restRequest, host);
-            }
         }
     }
 }