Amazon Web Services / Product Advertising API Query Signer (JavaScript )

*** UPDATE 2009.07.13 ***

See http://sowacs.appspot.com for the latest.  This has gotten a whole lot more serious since last updated.

*** UPDATED 2009.06.12 ***

 BUG FIX: Adjust for FF back button / form state / dom "bug" (better this way anyway); ensure that fields collected from form do not contain timestamp or signature.

*** UPDATED 2009.06.03 ***

BUG FIX: Wasn't handling single digit days correctly in IE.  FF was ok.  Unknown about other browsers.

*** UPDATED 2009.05.21 ***

Now handles forms / POST.

• Minor change to interface: "getSignedQuery" is now "signQuery", same arguments.
• New methods:
  • signForm
  • getFormSignature
  • getQuerySignature
• Bug fixes:
  • ! ' ( ) *  were not being globally replaced when URI encoding.
  • Timestamp format would have failed in Firefox (FF bug: toUTCString() returns "www, dd MMM yyyy HH:mm:ss GMT" instead of "... UTC").
• Also included the dependency files in this zip.

/*
 AWSQS = Amazon Web Services / Product Advertising API Query Signer (JavaScript)

 2009.05.21, fractalnavel: fixed some errors picked up by http://jslint.com/
 2009.05.18, fractalnavel: tweaks
 2009.05.17, fractalnavel: factored more generic form & query methods
 2009.05.16, fractalnavel: mods for SRE
 2009.05.11, fractalnavel: original; with thanks for assistance to the folks at  http://developer.amazonwebservices.com/connect/thread.jspa?threadID=31701

 All customary licenses and disclaimers for code posted in open forums apply.

 ============================================================================

 Dependencies - you will need to download, save & reference the following:

 - ecmanaut.base64.js from http://ecmanaut.blogspot.com/2007/11/javascript-base64-singleton.html
 - jssha256.js from http://point-at-infinity.org/jssha256/

 Usage:

 - Reference the dependencies and this file, e.g.:

  <script language="javacript" src="jssha256.js"></script>
  <script language="javacript" src="ecmanaut.base64.js"></script>
  <script language="javacript" src="AWSQuerySigner.js"></script>

 - Call as follows, e.g.:

  AWSQS.signForm( theForm, strAWSSecretAccessKey );

  --- OR ---

  strSignedQuery = AWSQS.signQuery( strOriginalQuery, strAWSSecretAccessKey );

  Can also retrieve timestamp & signature:

  var oSign = AWSQS.getFormSignature( theForm, strAWSSecretAccessKey );

  --- OR ---

  var oSign = AWSQS.getQuerySignature( strOriginalQuery, strAWSSecretAccessKey );

  where oSign = { Timestamp: (timestamp), Signature: (signature) }

 Notes:

 - Intended to assist with retro-fitting existing JavaScript code for the new AWS query signing requirement
 - No error handling is provided

*/