1

I have been trying to integrate amazon pay with my mvc application using amazon sdk for .net. i followed the steps mention here. I am able to create the client using the private key and public key created in the seller account.

using Amazon.Pay.API.Types;
using Amazon.Pay.API.WebStore;

public class Sample
{
    public WebStoreClient InitiateClient()
    {
        // set up config
        var payConfiguration = new ApiConfiguration
        (
            region: Region.Europe,
            publicKeyId: "MY_PUBLIC_KEY_ID", // LIVE-XXXXX or SANDBOX-XXXXX
            privateKey: "PATH_OR_CONTENT_OF_MY_PRIVATE_KEY"
        );

        // init API client
        var client = new WebStoreClient(payConfiguration);

        return client;
    }
}

using the client when i am trying to create the signature i am getting exception as unsupported private key format

using Amazon.Pay.API.WebStore.CheckoutSession;
using Amazon.Pay.API.WebStore;

public class Sample : PageModel
{
    // ..

    public string Signature { get; private set; }

    public string Payload { get; private set; }

    public void OnGet()
    {
        // prepare the request
        var request = new CreateCheckoutSessionRequest
        (
            checkoutReviewReturnUrl: "https://example.com/review.html",
            storeId: "amzn1.application-oa2-client.000000000000000000000000000000000"
        );

        // generate the button signature
        var signature = client.GenerateButtonSignature(request);

        // generate the signature and payload string that is passed back to the frontend
        Signature = client.GenerateButtonSignature(request);
        Payload = request.ToJson();
    }
}

stack trace of the exception

   at Amazon.Pay.API.SignatureHelper.GenerateSignature(String stringToSign)
   at Amazon.Pay.API.WebStore.WebStoreClient.GenerateButtonSignature(String jsonString)
   at Amazon.Pay.API.WebStore.WebStoreClient.GenerateButtonSignature(CreateCheckoutSessionRequest request)
Wai Ha Lee
  • 8,598
  • 83
  • 57
  • 92
ebk
  • 305
  • 8
  • 20

1 Answers1

2

There are two ways to supply the private key: 1/full file path of the .pem file or 2/string contents of the .pem

You didn't mention which option you chose, so I'll give a quick overview of each.

  1. full path to .pem file. I'd recommend setting a debug breakpoint prior to the init of the WebStoreClient to ensure that the path you supplied is valid and the file contents actually loaded. This is the most common cause for the error - invalid file path, resulting in no private key being loaded.

    var payConfiguration = new ApiConfiguration
    (
        region: Region.Europe,
        publicKeyId: "YOUR_PUBLIC_KEY_ID", 
        privateKey: "C:\\temp\\ap.pem"
    );

  2. string content of .pem file. The most common cause for error here is a copy/paste mistake where special characters may be getting added inadvertently.

    var payConfiguration = new ApiConfiguration
   (
       region: Region.Europe,
       publicKeyId: "YOUR_PUBLIC_KEY_ID", 
       privateKey: "-----BEGIN PRIVATE KEY-----\nXXXXX\n-----END PRIVATE KEY-----"
   );

I would always caution against hard coding either the string or path of the private key, and encourage loading these credentials from a secure key vault whenever possible.

Wai Ha Lee
  • 8,598
  • 83
  • 57
  • 92
Debbie Martindale
  • 76
  • 3
  • Thanks for answering, i am using string content instead of file path. and i did the same mistake you mentioned by not copying the entire string(including ----BEGIN PRIVATE KEY---) .so i got error at creating the client and i corrected it before i raise this question. But my real problem is not at the client object creation instead at signature creation . the exception is throwing when i make a call at client.GenerateButtonSignature(request); – ebk Oct 20 '21 at 15:53
  • If you are getting that exception when supplying the string contents of the .pem, then something about the string value supplied is not accurate/valid. I'd either use a stream reader to programmatically read in the string of the .pem or supply the path to the .pem, as something about how you're copying out the contents of the .pem file are the source of your issue. – Debbie Martindale Oct 21 '21 at 16:40