Amazon Pay API SDK (.NET) 2.5.1

Author: Shangamesh T

Amazon.Pay.API.SDK.Tests/CreateStringToSignTest.cs

@@ -35,7 +35,7 @@ public void SimpleGet()
             var uri = new Uri("http://pay-api.amazon.eu/");
             var apiRequest = new ApiRequest(uri, method);
             var expectedCanonicalRequest = "GET\n/\n\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\n13fdf6db844bdfb9e9c0e27a4251ca04e60c29ca2132249c5dd1cb09c26e22f5";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\n13fdf6db844bdfb9e9c0e27a4251ca04e60c29ca2132249c5dd1cb09c26e22f5";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -54,7 +54,7 @@ public void GetWithTooManySlashesInUri()
             var uri = new Uri("http://pay-api.amazon.eu///foo//");
             var apiRequest = new ApiRequest(uri, method);
             var expectedCanonicalRequest = "GET\n/foo/\n\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\nd8e13e1857bc9b5056cc8ccb2699812faa2c68960e00483b1390fdaf4a991cc4";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\nd8e13e1857bc9b5056cc8ccb2699812faa2c68960e00483b1390fdaf4a991cc4";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -73,7 +73,7 @@ public void GetWithUnreservedCharacters()
             var uri = new Uri("http://pay-api.amazon.eu/-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
             var apiRequest = new ApiRequest(uri, method);
             var expectedCanonicalRequest = "GET\n/-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz\n\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\n585e034d38ed3d64c0cd77a9f357a4b4a0fc093eebe06f4b06f66845e3543038";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\n585e034d38ed3d64c0cd77a9f357a4b4a0fc093eebe06f4b06f66845e3543038";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -94,7 +94,7 @@ public void GetWithHighAsciiCharacterInParameterString()
             apiRequest.QueryParameters.Add("\u1234", new List<string>() { "bar" });
 
             var expectedCanonicalRequest = "GET\n/\n%E1%88%B4=bar\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\nf0597d2fdcf97baf28002461796e916a74e35073b44042296d2ed45bacf6ecf0";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\nf0597d2fdcf97baf28002461796e916a74e35073b44042296d2ed45bacf6ecf0";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -114,7 +114,7 @@ public void SimplePost()
             var uri = new Uri("http://pay-api.amazon.eu/");
             var apiRequest = new ApiRequest(uri, method);
             var expectedCanonicalRequest = "POST\n/\n\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\n322307b5dae22c3d59350c3de9202a488f337f674c8f430b186282008264bd2b";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\n322307b5dae22c3d59350c3de9202a488f337f674c8f430b186282008264bd2b";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -135,7 +135,7 @@ public void PostWithQueryParameter()
             var apiRequest = new ApiRequest(uri, method);
             apiRequest.QueryParameters.Add("foo", new List<string>() { "bar" });
             var expectedCanonicalRequest = "POST\n/\nfoo=bar\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\n9d61b5abddbfdcaf7810a8e83dfffe0a5d5f272d2676c0550d974d5383e94cd5";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\n9d61b5abddbfdcaf7810a8e83dfffe0a5d5f272d2676c0550d974d5383e94cd5";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -156,7 +156,7 @@ public void GetWithMultipleQueryValuesInSingleParameter()
             var apiRequest = new ApiRequest(uri, method);
             apiRequest.QueryParameters.Add("foo", new List<string>() { "b", "a" });
             var expectedCanonicalRequest = "GET\n/\nfoo=a&foo=b\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\n937de37fb8aed8af4214c373580c72f40c525202d1975df6836ba6ed0062b902";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\n937de37fb8aed8af4214c373580c72f40c525202d1975df6836ba6ed0062b902";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -178,7 +178,7 @@ public void GetWithMultipleQueryParameters()
             apiRequest.QueryParameters.Add("a", new List<string>() { "foo" });
             apiRequest.QueryParameters.Add("b", new List<string>() { "foo" });
             var expectedCanonicalRequest = "GET\n/\na=foo&b=foo\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\n457de2535eedbd6ef25f5c8ec4653ee885b99838d722189928f4fdf8d3c3ef4f";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\n457de2535eedbd6ef25f5c8ec4653ee885b99838d722189928f4fdf8d3c3ef4f";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -201,7 +201,7 @@ public void GetWithMultipleQueryParametersSorted()
             apiRequest.QueryParameters.Add("A.10", new List<string>() { "foo" });
             apiRequest.QueryParameters.Add("A.2", new List<string>() { "foo" });
             var expectedCanonicalRequest = "GET\n/\nA.1=foo&A.10=foo&A.2=foo\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\n43ae5290e6742d30e3822b62b6d759afedafbe01534f778175c336b455d632e7";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\n43ae5290e6742d30e3822b62b6d759afedafbe01534f778175c336b455d632e7";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -222,7 +222,7 @@ public void GetWithMultipleQueryValuesInSingleParameterSorted()
             var apiRequest = new ApiRequest(uri, method);
             apiRequest.QueryParameters.Add("foo", new List<string>() { "Zoo", "aha" });
             var expectedCanonicalRequest = "GET\n/\nfoo=Zoo&foo=aha\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\n7a4d89bd832cb93f2102f66bc8d3a0bc5f224c0bb758eab261dcd34a8ed2f117";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\n7a4d89bd832cb93f2102f66bc8d3a0bc5f224c0bb758eab261dcd34a8ed2f117";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -243,7 +243,7 @@ public void GetWithReservedCharactersInQueryParameter()
             var apiRequest = new ApiRequest(uri, method);
             apiRequest.QueryParameters.Add("-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz", new List<string>() { "-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" });
             var expectedCanonicalRequest = "GET\n/\n-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz=-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\naa69ca06d93d9220f9aa16314d8556e18e1b0ae39802cd169bd3af6c08cd7164";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\naa69ca06d93d9220f9aa16314d8556e18e1b0ae39802cd169bd3af6c08cd7164";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -263,7 +263,7 @@ public void PostWithSpecialCharactersInQueryParameter()
             var apiRequest = new ApiRequest(uri, method);
             apiRequest.QueryParameters.Add("@#$%^&+=/,?><`\";:\\|][{} ", new List<string>() { "@#$%^&+=/,?><`\";:\\|][{} " });
             var expectedCanonicalRequest = "POST\n/\n%40%23%24%25%5E%26%2B%3D%2F%2C%3F%3E%3C%60%22%3B%3A%5C%7C%5D%5B%7B%7D%20=%40%23%24%25%5E%26%2B%3D%2F%2C%3F%3E%3C%60%22%3B%3A%5C%7C%5D%5B%7B%7D%20\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\n50709f5220d06911feee2d6aa8bf8453c8517f44527c0912e62b905d26c7e08f";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\n50709f5220d06911feee2d6aa8bf8453c8517f44527c0912e62b905d26c7e08f";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);
@@ -283,7 +283,7 @@ public void PostWithSpacesInQueryParameter()
             var apiRequest = new ApiRequest(uri, method);
             apiRequest.QueryParameters.Add("f oo", new List<string>() { "b ar" });
             var expectedCanonicalRequest = "POST\n/\nf%20oo=b%20ar\naccept:application/json\ncontent-type:application/json\nx-amz-pay-date:20180524T223710Z\nx-amz-pay-host:pay-api.amazon.eu\nx-amz-pay-region:eu\n\naccept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-            var expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\n79481e4e38a053f7be8bda701c0d302d39df18bf468578b133c3be8e93fea86a";
+            var expectedStringToSign = "AMZN-PAY-RSASSA-PSS\n79481e4e38a053f7be8bda701c0d302d39df18bf468578b133c3be8e93fea86a";
 
             // act
             string actualCanonicalRequest = signatureHelper.CreateCanonicalRequest(apiRequest, defaultHeaders);

Amazon.Pay.API.SDK.Tests/SignatureHelperTest.cs

@@ -38,7 +38,7 @@ public void CreateStringToSignTest()
 
             signatureHelper = new SignatureHelper(config, canonicalBuilder.Object);
             string actualStringTosign = signatureHelper.CreateStringToSign(canonicalRequest);
-            string expectedStringToSign = Constants.AmazonSignatureAlgorithm + "\n" + "95b0d65e9efb9f0b9e8c2f3b77";
+            string expectedStringToSign = "AMZN-PAY-RSASSA-PSS" + "\n" + "95b0d65e9efb9f0b9e8c2f3b77";
 
             canonicalBuilder.VerifyAll();
             Assert.AreEqual(expectedStringToSign, actualStringTosign);
@@ -84,7 +84,7 @@ public void ButtonPayloadAsJsonResultsInExpectedSignatureString()
 
             var stringToSign = signatureHelper.CreateStringToSign(payload);
 
-            Assert.AreEqual(Constants.AmazonSignatureAlgorithm + "\n8dec52d799607be40f82d5c8e7ecb6c171e6591c41b1111a576b16076c89381c", stringToSign);
+            Assert.AreEqual("AMZN-PAY-RSASSA-PSS\n8dec52d799607be40f82d5c8e7ecb6c171e6591c41b1111a576b16076c89381c", stringToSign);
         }
 
         [Test]
@@ -155,7 +155,7 @@ public void CanGenerateSignature()
             var result = helper.GenerateSignature(message);
             var sigBytes = Convert.FromBase64String(result);
 
-            PssSigner signer = new PssSigner(new RsaEngine(), new Sha256Digest(), Constants.SaltLength);
+            PssSigner signer = new PssSigner(new RsaEngine(), new Sha256Digest(), 20);
             signer.Init(true, pub1);
             signer.BlockUpdate(bytesToSign, 0, bytesToSign.Length);
             var resultVerify = signer.VerifySignature(sigBytes);

Amazon.Pay.API.SDK/Amazon.Pay.API.SDK.csproj

@@ -2,8 +2,8 @@
 
   <PropertyGroup>
     <TargetFrameworks>net45;netstandard2.0</TargetFrameworks>
-    <Version>2.5.0</Version>
-    <AssemblyVersion>2.5.0.0</AssemblyVersion>
+    <Version>2.5.1</Version>
+    <AssemblyVersion>2.5.1.0</AssemblyVersion>
     <GeneratePackageOnBuild>true</GeneratePackageOnBuild>
     <Authors>Amazon Pay</Authors>
     <Company>Amazon</Company>

Amazon.Pay.API.SDK/Constants.cs

@@ -4,11 +4,11 @@ namespace Amazon.Pay.API
 {
     public class Constants
     {
-        public const string SdkVersion = "2.5.0.0";
+        public const string SdkVersion = "2.5.1.0";
         public const string SdkName    = "amazon-pay-api-sdk-dotnet";
         public const int    ApiVersion = 2;
-        public const int SaltLength = 32;
-        public const string AmazonSignatureAlgorithm = "AMZN-PAY-RSASSA-PSS-V2";
+
+        public const string AmazonSignatureAlgorithm = "AMZN-PAY-RSASSA-PSS";
 
         public static readonly Dictionary<string, int> serviceErrors = new Dictionary<string, int>() {
              {"Internal Server Error", 500},

Amazon.Pay.API.SDK/SignatureHelper.cs

@@ -17,6 +17,7 @@ public class SignatureHelper : ISignatureHelper
     {
         private readonly ApiConfiguration payConfiguration;
         private readonly string LineSeparator = "\n";
+        private readonly int SaltLength = 20;
         private readonly CanonicalBuilder canonicalBuilder;
 
         public SignatureHelper(ApiConfiguration payConfiguration, CanonicalBuilder canonicalBuilder)
@@ -159,7 +160,7 @@ public string GenerateSignature(string stringToSign)
             }
 
             // initiate the signing object
-            PssSigner pssSigner = new PssSigner(new RsaEngine(), new Sha256Digest(), Constants.SaltLength);
+            PssSigner pssSigner = new PssSigner(new RsaEngine(), new Sha256Digest(), SaltLength);
             pssSigner.Init(true, new ParametersWithRandom(parameters, random));
             pssSigner.BlockUpdate(bytesToSign, 0, bytesToSign.Length);
 

CHANGES.md

@@ -1,3 +1,7 @@
+#### Version 2.5.1 - January 2022
+* Applied patch to address issues occurred in Version 2.5.0.
+**Please dont use Version 2.5.0**
+
 #### Version 2.5.0 - January 2022
 * Updated "ExpirationTimestamp" property on ChargePermissionResponse to nullable
 * Migrated signature generating algorithm from AMZN-PAY-RSASSA-PSS to AMZN-PAY-RSASSA-PSS-V2 & increased salt length from 20 to 32

README.md

@@ -26,11 +26,11 @@ This SDK is compatible with .NET Standard 2.0 (including .NET Core 2.0), as well
 
 ## SDK Installation
 
-This SDK can be downloaded from NuGet [here](https://www.nuget.org/packages/Amazon.Pay.API.SDK) or GitHub [here](https://github.com/amzn/amazon-pay-api-sdk-dotnet/releases/download/2.5.0/Amazon.Pay.API.SDK.2.5.0.nupkg).
+This SDK can be downloaded from NuGet [here](https://www.nuget.org/packages/Amazon.Pay.API.SDK) or GitHub [here](https://github.com/amzn/amazon-pay-api-sdk-dotnet/releases/download/2.5.1/Amazon.Pay.API.SDK.2.5.1.nupkg).
 
 NuGet install from Package Manager:
 ```
-Install-Package Amazon.Pay.API.SDK -Version 2.5.0
+Install-Package Amazon.Pay.API.SDK -Version 2.5.1
 ```
 
 NuGet install from .NET CLI:
@@ -42,12 +42,12 @@ Alternatively, to manually install after a GitHub download, use one of the follo
 
 Visual Studio Package Manager Console
 ```
-Install-Package Amazon.Pay.API.SDK -Version 2.5.0 -Source %USERPROFILE%\Downloads
+Install-Package Amazon.Pay.API.SDK -Version 2.5.1 -Source %USERPROFILE%\Downloads
 ```
 
 .NET Core CLI
 ```
-dotnet add package Amazon.Pay.API.SDK -v 2.5.0 -s %USERPROFILE%\Downloads\
+dotnet add package Amazon.Pay.API.SDK -v 2.5.1 -s %USERPROFILE%\Downloads\
 ```
 
 
@@ -315,18 +315,6 @@ public class Sample : PageModel
 }
 ```
 
-Note : 
-As part of signature button integration, "algorithm" need to be provided as additional field in "createCheckoutSessionConfig" while rendering Amazon Pay button.
-          
-Example of "createCheckoutSessionConfig" :
-``` js
-    createCheckoutSessionConfig: {           
-        payloadJSON: '{"webCheckoutDetails":{"checkoutReviewReturnUrl":"https://localhost/test/checkoutReview.html"},"storeId": "amzn1.application-oa2-client.xxxxx","scopes": ["name", "email", "phoneNumber", "billingAddress"]}',
-        signature: 'SIGNATURE', // Signature Obtained by calling "generateButtonSignature(payload)" method
-        algorithm: 'AMZN-PAY-RSASSA-PSS-V2' // This Parameter is mandatory
-    }
-```
-
 #### Passing Signature and Payload to Front-End
 
 The code below shows how you could pass the signature and payload generated with code samples above back to the front-end. This sample uses an ASP.NET Core Razor Page, but the concept is similar for other .NET web project types.