diff --git a/README.md b/README.md index 4dd1c2de7..134fb146e 100644 --- a/README.md +++ b/README.md @@ -251,7 +251,9 @@ It also means that if a new version of an existing API is introduced, the librar ## Restricted operations -When you call a [restricted operation](https://developer-docs.amazon.com/sp-api/docs/tokens-api-use-case-guide), a Restricted Data Token (RDT) is automatically generated. If you're calling a restricted operation that accepts a [`dataElements`](https://developer-docs.amazon.com/sp-api/docs/tokens-api-use-case-guide#restricted-operations) parameter, you can pass `dataElements` values as a parameter to the API call. Check out the [getOrders](https://github.com/jlevers/selling-partner-api/blob/main/docs/Api/OrdersV0Api.md#getOrders), [getOrder](https://github.com/jlevers/selling-partner-api/blob/main/docs/Api/OrdersV0Api.md#getOrder), and [getOrderItems](https://github.com/jlevers/selling-partner-api/blob/main/docs/Api/OrdersV0Api.md#getOrderItems) documentation to see how to pass `dataElements` values to those calls. (At the time of writing, those are the only restricted operations that accept `dataElements` values.) +When you call a [restricted operation](https://developer-docs.amazon.com/sp-api/docs/tokens-api-use-case-guide), a Restricted Data Token (RDT) is automatically generated. If you're calling a restricted operation that accepts a [`data_elements`](https://developer-docs.amazon.com/sp-api/docs/tokens-api-use-case-guide#restricted-operations) parameter, you can pass `data_elements` values as a parameter to the API call. Check out the [getOrders](https://github.com/jlevers/selling-partner-api/blob/main/docs/Api/OrdersV0Api.md#getOrders), [getOrder](https://github.com/jlevers/selling-partner-api/blob/main/docs/Api/OrdersV0Api.md#getOrder), and [getOrderItems](https://github.com/jlevers/selling-partner-api/blob/main/docs/Api/OrdersV0Api.md#getOrderItems) documentation to see how to pass `data_elements` values to those calls. (At the time of writing, those are the only restricted operations that accept `data_elements` values.) + +Note that if you want to call a restricted operation on a sandbox endpoint (e.g., `Endpoint::NA_SANDBOX`), you *should not* pass a `data_elements` parameter. RDTs are not necessary for restricted operations. ## Uploading and downloading documents diff --git a/lib/Authentication.php b/lib/Authentication.php index fd26012c5..7acefcda6 100644 --- a/lib/Authentication.php +++ b/lib/Authentication.php @@ -195,7 +195,8 @@ public function signRequest(Psr7\Request $request, ?string $scope = null, ?strin $request = $request->withUri($newUri); } - if ($needRdt) { + // Sandbox requests don't require RDTs + if ($needRdt && !Endpoint::isSandbox($request->getUri()->getHost())) { $relevantCreds = $this->getRestrictedDataToken($restrictedPath, $request->getMethod(), $dataElements); } } @@ -490,6 +491,6 @@ private function newToken(): void */ public function formattedRequestTime(?bool $withTime = true): ?string { - return $this->requestSigner->formattedRequestTime($withTime); + return $this->authorizationSigner->formattedRequestTime($withTime); } } diff --git a/lib/Endpoint.php b/lib/Endpoint.php index e7f1b2cdd..cc6f96d55 100644 --- a/lib/Endpoint.php +++ b/lib/Endpoint.php @@ -114,4 +114,28 @@ public static function getByMarketplaceId(string $marketplace_id, bool $sandbox return constant("\SellingPartnerApi\Endpoint::$region"); } + + /** + * Checks if the given endpoint is valid. If the given endpoint is an array, checks + * the value of the `url` key. If it's a string, checks if it's a sandbox URL. + * + * @param array|string $endpoint The endpoint to check + * @return bool + */ + public static function isSandbox($endpoint) { + $sandboxHosts = [ + self::NA_SANDBOX['url'], + self::EU_SANDBOX['url'], + self::FE_SANDBOX['url'], + ]; + if (is_array($endpoint)) { + return in_array($endpoint['url'], $sandboxHosts); + } else if (is_string($endpoint)) { + return in_array($endpoint, $sandboxHosts); + } else { + throw new InvalidArgumentException( + 'Invalid endpoint type ' . gettype($endpoint) . '. Must be array or string.' + ); + } + } }