亚马逊Amazon SPAPI买家姓名、地址等受限数据通过RDT、restrictedDataToken获取

获取 restrictedDataToken

# app/services/sp_api/base/tokens_api.rb
require 'tokens-api-model'
module SpApi::Base
  class TokensApi
    def initialize(merchant)
      client = AmzSpApi::SpApiClient.new
      @api_instance = AmzSpApi::TokensApiModel::TokensApi.new(client)
    end

    def createRestrictedDataToken(order)
      hash = {
        "restrictedResources": [{
          "method": "GET",
          "path": "/orders/v0/orders/#{order.platform_order_number}/address"
        }, {
          "method": "GET",
          "path": "/orders/v0/orders/#{order.platform_order_number}/buyerInfo"
        }]
      }
      body = AmzSpApi::TokensApiModel::CreateRestrictedDataTokenRequest.new(hash)
      begin
        result = @api_instance.create_restricted_data_token(body)
        restrictedDataToken = result.fetch(:restrictedDataToken)
      rescue AmzSpApi::TokensApiModel::ApiError => e
        puts "Exception when calling TokensApi->create_restricted_data_token: #{e}"
      end
    end
  end
end

使用restrictedDataToken

module SpApi::Base
  class OrdersApi
    def initialize(merchant)
      @client = AmzSpApi::SpApiClient.new
    end
    
    def get_order_buyer_info_by_order_number(order)
      @client.config.save_access_token = -> (access_token_key, order) do
        token = SpApi::Base::TokensApi.new(merchant).createRestrictedDataToken(order)
        Rails.cache.write("SPAPI-RESTRICTED-TOKEN-#{access_token_key}", token[:restrictedDataToken], expires_in: token[:expiresIn] - 60)
      end
      @client.config.get_access_token = -> (access_token_key) { Rails.cache.read("SPAPI-RESTRICTED-TOKEN-#{access_token_key}") }
      @api_instance = AmzSpApi::OrdersApiModel::OrdersV0Api.new(@client)
      result = @api_instance.get_order_buyer_info(platform_order_number)
    rescue AmzSpApi::OrdersApiModel::ApiError => e
      puts "Exception when calling OrdersV0Api->get_order_buyer_info: #{e}"
    end
  end
end

• 其本质就是用获取到的 restrictedDataToken 代替由 refresh_token 给https://api.amazon.com/auth/o2/token发请求时候获取的 access_token，作为下个请求头里的 x-amz-access-token 值来告诉亚马逊有权获取受限数据

半手动签名调用api

require 'aws-sigv4' 
require 'net/http'

module Net::HTTPHeader
  def capitalize(name)
    name
  end
  private :capitalize
end

url = 'https://sellingpartnerapi-eu.amazon.com/sellers/v1/marketplaceParticipations'

signer = Aws::Sigv4::Signer.new(
  access_key_id: access_key_id,
  region: 'eu-west-1',
  secret_access_key: secret_access_key,
  service: 'execute-api',
)

signature = signer.sign_request(
  http_method: 'GET',
  url: url,
  headers: {
    'host' => 'sellingpartnerapi-eu.amazon.com',
    'user-agent' => 'test (Language=Ruby)',
    'x-amz-access-token' => access_token
  })

headers = {
  'host' => signature.headers['host'],
  'user-agent' => 'test (Language=Ruby)',
  'x-amz-access-token' => access_token,
  'x-amz-content-sha256' => signature.headers['x-amz-content-sha256'],
  'x-amz-date' => signature.headers['x-amz-date'],
  'authorization' => signature.headers['authorization']
}

# use net/http
ur = URI(url)
http = Net::HTTP.new(ur.host, ur.port)
http.use_ssl = true
res = http.get(ur, headers)
res.body