bug 3204: tweaks to AWS request signing

* Add AWSPrivateKey system preference to the
  Enhanced Content tab in the syspref editor
* Now warns to log if attempting to use
  the Amazon API without setting AWSPrivateKey

Signed-off-by: Galen Charlton <gmcharlt@gmail.com>

diff --git a/C4/External/Amazon.pm b/C4/External/Amazon.pm
index bb72af7..f36b8f7 100644 (file)
--- a/C4/External/Amazon.pm
+++ b/C4/External/Amazon.pm
@@ -148,8 +148,14 @@ sub get_amazon_details {
         push @params, qq{$key=}.uri_escape($value, "^A-Za-z0-9\-_.~" );
     }
 
-    my $url =qq{http://webservices.amazon}.  get_amazon_tld(). 
-        "/onca/xml?".join("&",sort @params).qq{&Signature=}.uri_escape(SignRequest(@params),"^A-Za-z0-9\-_.~" );
+    my $url;
+    if (C4::Context->preference('AWSPrivateKey')) {
+        $url = qq{http://webservices.amazon} . get_amazon_tld() . 
+               "/onca/xml?" . join("&",sort @params) . qq{&Signature=} . uri_escape(SignRequest(@params),"^A-Za-z0-9\-_.~" );
+    } else {
+        $url = qq{http://webservices.amazon} . get_amazon_tld() .  "/onca/xml?" .join("&",sort @params);
+        warn "MUST set AWSPrivateKey syspref after 2009-08-15 in order to access Amazon web services";
+    }
 
     my $content = get($url);
     warn "could not retrieve $url" unless $content;

diff --git a/admin/systempreferences.pl b/admin/systempreferences.pl
index 250374e..bb73d42 100755 (executable)
--- a/admin/systempreferences.pl
+++ b/admin/systempreferences.pl
@@ -231,6 +231,7 @@ $tabsysprefs{OPACAmazonEnabled}      = "EnhancedContent";
 $tabsysprefs{AmazonCoverImages}      = "EnhancedContent";
 $tabsysprefs{OPACAmazonCoverImages}  = "EnhancedContent";
 $tabsysprefs{AWSAccessKeyID}         = "EnhancedContent";
+$tabsysprefs{AWSPrivateKey}          = "EnhancedContent";
 $tabsysprefs{AmazonLocale}           = "EnhancedContent";
 $tabsysprefs{AmazonAssocTag}         = "EnhancedContent";
 $tabsysprefs{AmazonSimilarItems}     = "EnhancedContent";