カクカク立体GIFアニメ作成をおこない、エントリアップする段になって、はじめてAmazonのAPIが変わっていることに気づいた。特にアフィリエイトがどうこうしたいというわけでなく、Amazon.co.jpの商品を簡単に貼り付けるために使っていたAmazon Reloadedプラグイン。きけば、いやさ、読めば-つたない英語読解力で-プラグイン作者はお忙しいらしく、プラグインの改修に手をつけられないらしい ((しっかりドネーションのリンクとか管理者画面に貼り付けているくせに。))。それでも、有志が新API対応版作ったよ、というエントリを見かける。つ　A fix for Amazon Reloaded for WordPress and Amazon’s new API | CliqueClack Code いつものように階層がわからないAmazonAPIをどうにかこうにか掘り起こしてAccess Key ID / Secret Access Keyを入手。上記Fix版に入力したのだがうんともすんとも検索結果が出てこない。放り出したところでようやっと下記のような感じでクリアした。

--- Amazon-Reloaded.php.old	2008-08-29 16:52:06.000000000 +0900
+++ Amazon-Reloaded.php	2009-09-04 17:58:38.000000000 +0900
@@ -15,7 +15,8 @@
 	class Amazon_Reloaded_For_WordPress {

 		var $defaults = array( 'tld' => 'com', 'id' => '' );
-		var $key = 'Old Key？';
+		var $key = 'ここにAccess Key ID';
+		var $secret = 'ここにSecret Access Key';
 		var $options;
 		var $plugin_folder;
 		var $version = '3.1.0';
@@ -48,7 +49,6 @@

 			// Other Stuff
 			$this->load_options();
-			$this->key = $this->utility( $this->key );
 			$this->plugin_folder = path_join( WP_PLUGIN_URL, basename( dirname( __FILE__ ) ) );
 		}

@@ -111,7 +111,9 @@
 		 */
 		function on_wp_ajax_amazon_reloaded_for_wordpress( ) {
 			$request_url = $this->get_web_service_request_url( );
-
+
+			$request_url = $this->sign_url( $request_url );
+
 			// We do a manual one-step redirect here
 			if( function_exists( 'curl_init' ) ) {

@@ -119,33 +121,16 @@
 				$session = curl_init( $request_url );

 				// Set some cURL options
-				curl_setopt( $session, CURLOPT_HEADER, true );
+				curl_setopt( $session, CURLOPT_HEADER, false );
 				curl_setopt( $session, CURLOPT_RETURNTRANSFER, true );
 				curl_setopt( $session, CURLOPT_FOLLOWLOCATION, false );

 				// Execute the cURL request
-				$redirect_response = curl_exec( $session );
-
-				// Grab the location URL from the initial response
-				preg_match( "/Location: (.*)/si", $redirect_response, $matches );
+				$response = curl_exec( $session );

 				// Closes the initial session
 				curl_close( $session );

-				// Start the cURL session that will grab the actual results
-				$redirected_session = curl_init( $matches[ 1 ] );
-
-				// Set some cURL options
-				curl_setopt( $redirected_session, CURLOPT_HEADER, false );
-				curl_setopt( $redirected_session, CURLOPT_RETURNTRANSFER, true );
-				curl_setopt( $redirected_session, CURLOPT_FOLLOWLOCATION, false );
-
-				// Execute the cURL request
-				$response = curl_exec( $redirected_session );
-
-				// Close the cURL connection
-				curl_close( $redirected_session );
-
 			} else if( ini_get( 'allow_url_fopen' ) ) {
 				$response = file_get_contents( $request_url );

@@ -203,19 +188,19 @@
 		function get_web_service_request_url( ) {
 			$xslt_document_location = path_join( $this->plugin_folder, 'resources/amazon-reloaded.xslt' );

-			$request = "http://ecs.amazonaws.";
-			$request .= $this->options[ 'tld' ];
-			$request .= "/onca/xml?Service=AWSECommerceService";
+			$request = "http://xml-jp.amznxslt.com";
+			$request .= "/onca/xml?";
+			$request .= "AssociateTag=" . urlencode( $this->options[ 'id' ] );
 			$request .= "&AWSAccessKeyId=" . urlencode( $this->key );
-			$request .= "&AssociateTag=" . urlencode( $this->options[ 'id' ] );
-			$request .= "&Version=2008-04-07";
+			$request .= "&ContentType=text%2Fhtml";
+			$request .= "&Keywords=" . rawurlencode( $_POST[ 'keywords' ] );
 			$request .= "&Operation=ItemSearch";
+			$request .= "&ResponseGroup=Images%2CItemAttributes";
 			$request .= "&SearchIndex=Blended";
-			$request .= "&ContentType=text/html";
+			$request .= "&Service=AWSECommerceService";
 			$request .= "&Style=" . urlencode( $xslt_document_location );
-			$request .= "&ResponseGroup=Images,ItemAttributes";
-			$request .= "&Keywords=" . urlencode( $_POST[ 'keywords' ] );
-
+			$request .= "&Version=2008-04-07";
+
 			return $request;
 		}

@@ -281,14 +266,32 @@
 		}

 		/**
-		 * Processes the key appropriately
+		 * Signes the URL per terms of Amazon API standards as of 2009-07-01
 		 *
-		 * @param string $key the key before processing.
-		 * @return string the key after processing.
+		 * @return text of signed URL.
 		 */
-		function utility( $key ) {
-			return base64_decode(base64_decode(base64_decode(base64_decode(base64_decode(base64_decode( $key ))))));
+
+		function sign_url( $url ){
+			$host = parse_url($url,PHP_URL_HOST);
+			$timestamp = gmstrftime("%Y-%m-%dT%H:%M:%S.000Z");
+			$url = $url . "&Timestamp=" . $timestamp;
+
+			$paramstart = strpos($url,"?");
+			$workurl = substr($url,$paramstart+1);
+			$workurl = str_replace(",","%2C",$workurl);
+			$workurl = str_replace(":","%3A",$workurl);
+
+			$params = explode("&",$workurl);
+			sort($params);
+
+			$signstr = "GET\n" . $host . "\n/onca/xml\n" . implode("&",$params);
+			$signstr = base64_encode(hash_hmac('sha256', $signstr, $this->secret, true));
+			$signstr = urlencode($signstr);
+			$signedurl = $url . "&Signature=" . $signstr;
+
+			return $signedurl;
 		}
+
 	}
 }

@@ -296,4 +299,4 @@
 	$amazon_reloaded = new Amazon_Reloaded_For_WordPress( );
 }

-?>
\ No newline at end of file
+?>

コメント欄＜＝FIX提供者と本家、を行ったり来たりして上記のdiffまで。PHP4使用サーバーとか、URLに「~」が入る場合はさらに修正が必要な模様です。俺のサーバー＆ドメインでは問題ないので上記では放置しています。本家の修正をお待ちしています。