[Plugin: Amazon Machine Tags] Plugin stopped working, says invalid key – key is valid.

Or is it just not compatible with WP 2.9.1?

Hi southernutahautism, sorry for the delay. I just upgraded to WordPress 2.9.1, and everything works fine. I think a problem might be that the WordPress upgrade process asks you to delete wpcontent/cache, so the folder is gone and with it all folder permission settings. You probably have to create the folder again and set the read/write permissions accordingly (or next time, just delete the cache folder contents, but keep the folder intact). Also the plugin writes a text file as confirmation that the key has been validated into the same folder. I admit this is annoying when you upgrade WordPress as that requires you to run the validation again on the plugin’s options page after you upgraded. It seemed like a reasonable idea to keep all files in an existing cache folder when I wrote the plugin, but looking back it would be better to keep the confirmation file in the plugin’s folder. I’ll fix that in a future version. ??

I replaced the folder and set the permissions to 777, and deleted the text file inside it. I re-ran the validation on the plugin, and it re-created the text file (like it should), but it still says my access key or the secret key are invalid.

I’ve checked my Amazon account, they are both exactly typed as Amazon.com shows.

Here is the content of the amtap-aws-key-verification.txt with my personal codes edited out with ****’s:

<?xml version=”1.0″ encoding=”UTF-8″?><HelpResponse xmlns=”https://webservices.amazon.com/AWSECommerceService/2009-07-01″><OperationRequest><HTTPHeaders><Header Name=”UserAgent”></Header></HTTPHeaders><RequestId>***********</RequestId><Arguments><Argument Name=”ContentType” Value=”text/plain”></Argument><Argument Name=”Service” Value=”AWSECommerceService”></Argument><Argument Name=”Signature” Value=”*****************=”></Argument><Argument Name=”ResponseGroup” Value=”Help”></Argument><Argument Name=”HelpType” Value=”ResponseGroup”></Argument><Argument Name=”Operation” Value=”Help”></Argument><Argument Name=”Style” Value=”https://www.southernutahautism.com/wp-content/plugins/amazon-machine-tags/amtap-key-verification.v3.xsl”></Argument><Argument Name=”AWSAccessKeyId” Value=”***************”></Argument><Argument Name=”Version” Value=”2009-07-01″></Argument><Argument Name=”Timestamp” Value=”2010-01-31T23:46:01Z”></Argument><Argument Name=”About” Value=”ItemIds”></Argument></Arguments><Errors><Error>AWS.TimestampExceedsTimeToLive<Message>Timestamp 2010-01-31T23:46:01Z is more then 900 seconds before current time 2010-02-01 00:06:05Z.</Message></Error><Error>AWS.InvalidSignature<Message>The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.</Message></Error></Errors></OperationRequest></HelpResponse>

I also just tried going to Amazon Web Services and creating a new Access Key and Secret Key, and when entered again, it still says they are invalid.

The access key or the secret key you entered is invalid. Please double-check it.

I’ve copied and pasted it exactly, there are no trailing spaces or missing characters. Neither access/secret key work.

Or, as I search around, is there a new problem with my server Time settings not being correct on GMT?

It appears that my server is 20 minutes behind the actual time, which would be outside the 900 seconds (15 minutes) that the AWS validiation requires.

I host on Dreamhost as a shared server, I wonder if this is something I can change?

I have figured it out, it was the time offset. Somehow, since I initially installed the plugin, Dreamhosts server got off by 20 minutes and then Amazon disallowed my access key.

I had Dreamhost set the server time, and it is all working again.

Note to kliehm: Maybe you could have the error message reflect the time offset message from the text file in a future update?

Ah, the time offset. Thanks for your efforts pinning down the problem. Hm, any idea how to connect to an open time server via PHP to check whether your server time is screwed?

I just made a file like this and named it “servertime.php” and uploaded it to my server and that is where I saw the time offset.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="https://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Untitled Document</title>
</head>

<body>
<br /><br />
<span id="clock">
<SCRIPT LANGUAGE="JavaScript">
<!-- Begin
    function getthedate(){
        var mydate=new Date();
        var hours=mydate.getHours();
        var minutes=mydate.getMinutes();
        var seconds=mydate.getSeconds();
        var dn="AM";
        if (hours>=12) dn="PM";
        if (hours>12) hours=hours-12;
        if (hours==0) hours=12;
        if (minutes<=9) minutes="0"+minutes;
        if (seconds<=9)    seconds="0"+seconds;

        var cdate="<b>Local Time</b> "+hours+":"+minutes+":"+seconds+" "+dn+"<BR />";
        if (document.all)
            document.all.clock.innerHTML=cdate;
        else if (document.getElementById)
            document.getElementById("clock").innerHTML=cdate;
        else
            document.write(cdate);
    }
    if (!document.all&&!document.getElementById) getthedate();

    function goforit(){
        if (document.all||document.getElementById) setInterval("getthedate()",1000);
    }
    window.onload=goforit;
// End -->
</SCRIPT>
</span>

<b>Server Time</b>
<?php

        $thetimeis = getdate(time());
            $thehour = $thetimeis['hours'];
            $theminute = $thetimeis['minutes'];
            $thesecond = $thetimeis['seconds'];
        if($thehour > 12){
            $thehour = $thehour - 12;
            $dn = "PM";
        }else{
            $dn = "AM";
        }

echo "$thehour: $theminute:$thesecond $dn";
?>
</p>
<br /><br />
Server Time:
<?php
echo date("H:i:s");
?>

</body>
</html>

Hey guys, hopefully my response here will show up on your radar! I recently started experiencing the same symptoms. I tried blowing away and recreating the cache folder as suggested (and though I don’t know how to change the permissions on it, it appears to be getting repopulated with new HTML and META files, so I assume everything’s OK there?). I also tried using the servertime.php method and found that my server time and local time (adjusting several hours for what I assume is a timezone difference) they are within about 15 seconds of each other.

When I go into the “Amazon Machine Tags Configuration” page in WordPress, I now get the “The access key or the secret key you entered is invalid. Please double-check it.” error using the same keys that have been working fine until recently and are still active according to Amazon.

I am on v3.0.2 of the plugin and WordPress v3.01. I started noticing the problem before I upgraded from WordPress 2.9.2., and I was blindly hoping the upgrade would fix it. I know this isn’t much to go on, but any ideas for what else I can check? I assume whatever is causing me to get that invalid key error on the config page is what’s causing the plugin to no longer show on my postings. I can’t think of anything I changed on my end around the time it all stopped working. Big thanks in advance!

Hi Ben,

I have no idea what’s causing the error. However, in your /wp-content/cache/ folder there is a file amtap-aws-key-verification.txt – if there’s an error, this file should be populated with an XML response from Amazon further explaining the problem.

In the long term I really should get rid of the cache files and write everything into the database. That would be one problem source less, but I’m not sure if it would solve your problem.

Are you sure you have the right access key and secret key? Amazon changed their API a year ago, thus I needed to adjust the plugin. Please verify in your Amazon partner profile that everything is correct.

Cheers,
Martin

Hey, thanks for taking the time Martin!

My “amtap-aws-key-verification.txt” shows this for its second half:

- <Information>
- <Request>
  <IsValid>True</IsValid>
- <HelpRequest>
  <About>ItemIds</About>
  <HelpType>ResponseGroup</HelpType>
  <ResponseGroup>Help</ResponseGroup>
  </HelpRequest>
  </Request>
- <ResponseGroupInformation>
  <Name>ItemIds</Name>
  <CreationDate>2005-07-26</CreationDate>
- <ValidOperations>
  <Operation>ItemLookup</Operation>
  <Operation>ItemSearch</Operation>
  <Operation>ListLookup</Operation>
  <Operation>SimilarityLookup</Operation>
  <Operation>TagLookup</Operation>
  </ValidOperations>
- <Elements>
  <Element>Arguments/Argument/Name</Element>
  <Element>Arguments/Argument/Value</Element>
  <Element>Errors/Error/Code</Element>
  <Element>Errors/Error/Message</Element>
  <Element>Item/ASIN</Element>
  <Element>Items/CorrectedQuery</Element>
  <Element>Items/CorrectedQuery/Keywords</Element>
  <Element>Items/CorrectedQuery/Message</Element>
  <Element>Items/TotalPages</Element>
  <Element>Items/TotalResults</Element>
  <Element>OperationRequest/RequestId</Element>
  <Element>OperationRequest/UserAgent</Element>
  <Element>Request/IsValid</Element>
  </Elements>
  </ResponseGroupInformation>
  </Information>
  </HelpResponse>

I assume the IsValid = True is what we’re loking for and the “True” is the answer we’d want, yes? When trying to debug as best I could before posting here, I actually logged into Amazon and created/activated a second key, and they’re both (my original one and newer one) active according to Amazon. Didn’t seem to help though. ??

Thanks again!

Interesting, because yes, we’re looking for IsValid = True. I expected the file to contain the XML only if it would have been false. For some reason your XSL doesn’t get applied. Can you call the XSL file from the web, or does this return an error “503 forbidden”? Just try to open https://yourdomain.com/wp-content/plugins/amazon-machine-tags/amtap-key-verification.v3.xsl and see the result.

If the file cannot be opened, there could be two reasons: a) the permissions for the plugins folder or the amazon-machine-tags folder prevent access: set them to allow access from the web. b) The WordPress rewrite engine prevents access to the plugins folder. I admit I haven’t updated my own blog to WordPress 3.0, but another installation allow to call https://yourdomain.com//wp-content/plugins/readme.txt, therefore I assume the rewrite engine remains unchanged. So my best bet is that the folder permissions are too restrictive.

Thanks again, Martin!

I tried the XSL URL you suggested for my domain and received this response in my browser:

<?xml version="1.0" encoding="UTF-8" ?>
- <xsl:stylesheet version="1.0" xmlns:xsl="https://www.w3.org/1999/XSL/Transform" xmlns:aws="https://webservices.amazon.com/AWSECommerceService/2009-07-01">
  <xsl:output method="text" />
- <xsl:template match="/">
  <xsl:apply-templates select=".//aws:IsValid" />
  </xsl:template>
- <!--  valid response
  -->
- <xsl:template match="aws:IsValid">
- <xsl:if test="contains( ., 'True' )">
  <xsl:text>true</xsl:text>
  </xsl:if>
  </xsl:template>
  </xsl:stylesheet>

Hm, so this wasn’t the problem either. Still your XSL doesn’t get applied. If you go to the plugins admin page and scroll down to the bottom, there’s a checkbox “debug”. If you check that and open a page where an Amazon item is included, you should get a URL as a code comment in the sidebar (given that the plugin runs in the sidebar). Convert all & in that string to & and paste it into your browser URL bar. You should receive the naked HTML from Amazon then. Don’t wait too long until you paste it so that your timestamp doesn’t expire. If there’s an error message, double check that you only converted the ampersands and didn’t strip too much. That should absolutely throw an error in your case.

Another explanation could be if you have any exceptional characters in your keys beyond a slash (which works, there’s one in my own secret key) and that the encryption does funny things to it. Or you haven’t checked a checkbox in Amazon’s terms of services or something… ??