i have to add interswitch payment methods in my web application but i am receiving error
following is my code
function billersCategories()
{
$nonce=$randomNum=substr(str_shuffle("0123456789abcdefghijklmnopqrstvwxyz"), 0, 60);
$date = new DateTime();
$timestamp=$date->getTimestamp();
// Signature
$httpMethod = "GET";
$url='https://sandbox.interswitchng.com/api/v2/quickteller/categorys';
$clientId = "IKIA9D98ABCDEFGHIFAKEID1E09104959B9755C41E1";
$clientSecretKey = "d5uAr+U8QhSv8vQtKPDIUI62327Fsfsfsf65=";
$signatureCipher = $httpMethod."&".$url."&".$timestamp."&".$nonce."&".$clientId."&".$clientSecretKey;
$signature = base64_encode($signatureCipher);
$data = array("TerminalID" => "9APY556261");
$data_string = json_encode($data);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$data_string);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type:application/json',
'Authorization:InterswitchAuth SUtJQTUyNTBERkY1NkU5MzM2OUM0RkRBRjMxQTQ3QTg1RkNDODYyRTRDOUU=',
'Signature:'.$signature,
'Nonce:'.$nonce,
'Timestamp:'.$timestamp,
'SignatureMethod:SHA512'
));
$result = curl_exec($ch);
echo curl_getinfo($ch) . '<br/>';
echo curl_errno($ch) . '<br/>';
echo curl_error($ch) . '<br/>';
var_dump($result);
}
But i am receiving following error
"The HTTP method is not supported for this resource", i tried http method POST but same error, i am new on API can someone please help me to solve this .
Use this instead, fill the following
In the variable
- $clientId
- $clientSecretKey
At the header
- TerminalID
<?php
$nonce=$randomNum=substr(str_shuffle("0123456789abcdefghijklmnopqrstvwxyz"), 0, 60);
$date = new DateTime();
$timestamp=$date->getTimestamp();
$httpMethod = "GET";
$clientId = "YOUR_OWN_ID";
$clientSecretKey = "YOUR_OWN_CLIENT_SECRET_KEY";
$resourceUrl='https://sandbox.interswitchng.com/api/v2/quickteller/categorys';
$resourceUrl = strtolower($resourceUrl);
$resourceUrl = str_replace('http://', 'https://', $resourceUrl);
$encodedUrl = urlencode($resourceUrl);
$transactionParams = "1";
$httpMethod = "GET";
$signatureCipher = $httpMethod . '&' . $encodedUrl . '&' . $timestamp . '&' . $nonce . '&' . $clientId . '&' . $clientSecretKey;
if (!empty($transactionParams) && is_array($transactionParams)) {
$parameters = implode("&", $transactionParams);
$signatureCipher = $signatureCipher . $parameters;
}
$signature = base64_encode(sha1($signatureCipher, true));
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$resourceUrl);
// curl_setopt($ch, CURLOPT_POST, 1);
// curl_setopt($ch, CURLOPT_POSTFIELDS,$vars); //Post Fields
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$headers = [
'Content-Type:application/json',
'Authorization:InterswitchAuth SUtJQTAzREM3RDY5NUREMzZFQURFNTQxNEE2Nzg1MUJCMUZFQ0Y5MUIxRjg=',
'Signature:'.$signature,
'Nonce:'.$nonce,
'Timestamp:'.$timestamp,
'SignatureMethod:SHA1',
'TerminalID:YOUR_ASSIGNED_TERMINAL_ID'
];
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$server_output = curl_exec ($ch);
curl_close ($ch);
echo $server_output;
?>
This worked for me, hope it help someone in future
Related
When I send get request to retrieve the latest address it works fine but when I tried to send a post request to generate a new address I get this error authentication error invalid signature
I'm sure everything is correct because I followed their doc but I guess they need to update it
$apiKey = "xx";
$apiSecret = "xxx";
$accountId = "accountx";
$body = '';
$timestamp = time();
$message = $timestamp . 'GET' . '/v2/user' . $body;
$signature = hash_hmac('SHA256', $message, $apiSecret);
$version = '2020-06-23';
$headers = array(
'CB-ACCESS-SIGN: ' . $signature,
'CB-ACCESS-TIMESTAMP: ' . $timestamp,
'CB-ACCESS-KEY: ' . $apiKey,
'CB-VERSION: ' . $version
);
$api_url = 'https://api.coinbase.com/v2/user';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $api_url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, 1);
$data = curl_exec($ch);
curl_close($ch);
$ctx = stream_context_create(["http"=>["user_agent"=>"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:63.0) Gecko/20100101 Firefox/63.0"]]);
$response_btc = file_get_contents('https://api.coinbase.com/v2/prices/BTC-USD/spot', true, $ctx);
$object_btc = json_decode($response_btc, true);
$usdprice = $object_btc["data"]["amount"];
$btcamount = number_format($amount/$usdprice, 8, '.', '');
$body1 = '';
$timestamp1 = time();
$message1 = $timestamp1 . 'POST' . '/v2/accounts/accountx/addresses' . $body1;
$signature1 = hash_hmac('SHA256', $message1, $apiSecret);
$version1 = '2020-06-23';
$headers1 = array(
'CB-ACCESS-SIGN: ' . $signature1,
'CB-ACCESS-TIMESTAMP: ' . $timestamp1,
'CB-ACCESS-KEY: ' . $apiKey,
'CB-VERSION: ' . $version1,
'Content-Type: appliaction/json'
);
$api_url = "https://api.coinbase.com/v2/accounts/accountx/addresses";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $api_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "{\"name\": \"New receive address\"}");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
$data1 = curl_exec($ch);
if(curl_errno($ch))
{
echo "Errore: " . curl_error($ch);
}
else
{
echo $data1;
}
curl_close($ch);
I was getting the same error, and I solved it using:
json_encode($body);
I am struggling using Binance's REST API. I have managed to get working GET request via query string such as pinging the server, ticker information, etc. My challenge now is performing POST request via query string using cURL. I have been scraping code from various places and referring back to the API to get pieces to work but I am unsure as to why I am getting this error returned from the result... {"code":-1102,"msg":"Mandatory parameter 'signature' was not sent, was empty/null, or malformed."}
(ERROR SHOWN ON WEBPAGE). I echo out the signature and its a load of gibberish so I would believe that the hash_hmac performed at the top would be working, but honestly I got pretty lucky making the GET request work. Does anyone have any suggestions as to why this would be broken? Thanks!
$apikey = "MYKEY";
$apisecret = "MYSECRET";
$timestamp = time()*1000; //get current timestamp in milliseconds
$signature = hash_hmac('sha256', "TRXBTC&type=market&side=buy&quantity=100.00&recvWindow=10000000000000000×tamp=".$timestamp, $apisecret);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.binance.com/api/v3/order/test");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, "symbol=TRXBTC&type=market&side=buy&quantity=100.00&recvWindow=10000000000000000×tamp=".$timestamp);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded","X-MBX-APIKEY: ".$apikey,"signature: ".$signature));
$response = curl_exec($ch);
curl_close($ch);
echo $response;
As per their API docs:
SIGNED endpoints require an additional parameter, signature, to be sent in the query string or request body.
You are sending the signature via neither of these methods and are instead sending it through the header.
Change this:
curl_setopt($ch, CURLOPT_POSTFIELDS, "symbol=TRXBTC&type=market&side=buy&quantity=100.00&recvWindow=10000000000000000×tamp=".$timestamp);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded","X-MBX-APIKEY: ".$apikey,"signature: ".$signature));
To this:
curl_setopt($ch, CURLOPT_POSTFIELDS, "symbol=TRXBTC&type=market&side=buy&quantity=100.00&recvWindow=10000000000000000×tamp=" . $timestamp . "&signature=" . $signature);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded","X-MBX-APIKEY: ".$apikey));
<?php
$secret = "F................";
$key = "D.................";
$s_time = "timestamp=".time()*1000;
$sign=hash_hmac('SHA256', $s_time, $secret);
$url = "https://api.binance.com/api/v3/account?".$s_time.'&signature='.$sign;
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-MBX-APIKEY:'.$key));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_URL, $url);
$result = curl_exec($ch);
$result = json_decode($result, true);
echo '<pre>';
var_dump($result);
echo '</pre>';
?>
Here is an example, using php-curl-class
// Variables
// url, key and secret is on separate file, called using require once
$endPoint = "/api/v3/order/test";
$coin = "BTC";
$fiat = "EUR";
$symbol = $coin . "" . $fiat;
$side = "BUY";
$type = "LIMIT";
$timeInForce = "GTC";
$quantity = 1;
$price = 10000;
$timestamp = time();
// Constructing query arrays
queryArray = array(
"symbol" => $symbol,
"side" => $side,
"type" => $type,
"timeInForce" => $timeInForce,
"quantity" => $quantity,
"price" => $price,
"timestamp" => $timestamp*1000
);
$signature = hash_hmac("sha256", http_build_query($queryArray), $secret);
$signatureArray = array("signature" => $signature);
$curlArray = $queryArray + $signatureArray;
// Curl : setting header and POST
$curl->setHeader("Content-Type","application/x-www-form-urlencoded");
$curl->setHeader("X-MBX-APIKEY",$key);
$curl->post($url . "" . $endPoint, $curlArray);
if ($curl->error) {
echo 'Error: ' . $curl->errorCode . ': ' . $curl->errorMessage . "\n";
}
$order = $curl->response;
print_r($order);
I had the same problem, and nothing of above doesn't helped.
So I finaly figured out how to make order on my way.
So, maybe this helps someone.
function Kupovina($buy_parametri) {
$key = "xxxxxxxxxxxxxxx";
$secret = "xxxxxxxxxxxx";
$s_time = "timestamp=".time()*1000;
$timestamp = time()*1000; //get current timestamp in milliseconds
$sign = hash_hmac('sha256', $buy_parametri."×tamp=".$timestamp, $secret);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api.binance.com/api/v3/order");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $buy_parametri."&".$s_time."&signature=".$sign);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded","X-MBX-APIKEY: ".$key));
$response = curl_exec($ch);
curl_close($ch);
return $response;
}
$buy_parametri = "symbol=BTCUSDT&type=market&side=buy&quantity=0.00086";
Call function:
Kupovina($buy_parametri);
Hello im using that code to create buy order but it shows me that error "{"code":"UNAUTH","msg":"Signature verification failed","success":false,"timestamp":1517154443105}"
$ku_key = 'KEY';
$ku_secret = 'SECRET';
$host = "https://api.kucoin.com";
$nonce = round(microtime(true) * 1000);
$endpoint = "/v1/order";
$querystring = "symbol=POE-BTC&price=0.00000748&amount=5514.70588235&type=BUY";
$signstring = $endpoint.'/'.$nonce.'/'.$querystring;
$hash = hash_hmac('sha256', base64_encode($signstring) , $ku_secret);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $host . $endpoint);
$headers = [ 'KC-API-SIGNATURE:' . $hash, 'KC-API-KEY:' . $ku_key, 'KC-API-NONCE:' . $nonce, 'Content-Type:application/json' ];
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; Kucoin Bot; '.php_uname('a').'; PHP/'.phpversion().')' );
/*
YOU CAN USE THIS SECTION, I USE BOTH OF THEM WITH THIS AND WITHOUT THIS. NOT WORKING WITH BOTH.
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "symbol=POE-BTC&price=0.00000748&amount=5514.70588235&type=BUY");
*/
curl_setopt($ch, CURLOPT_URL, $host . $endpoint);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
$data = curl_exec($ch);
var_dump($data);
I was facing the same error message today when I was implementing the KuCoin API in my trader software. However, I got it working. Please find my working solution below:
/**
*
* #see https://kucoinapidocs.docs.apiary.io/#introduction/authentication/signature-calculation
*
*/
private function signedRequest($endpoint, $params = array())
{
$ch = curl_init();
// Must be synced, KuCoin rejects requests > 3s
$nonce = round(microtime(true) * 1000);
// Build the data string.
// Note - According documentation:
// Arrange the parameters in ascending alphabetical order (lower cases first)
$queryString = http_build_query($params, '', '&');
// Splice string for signing
$auth = $endpoint . '/' . $nonce . '/' . $queryString;
// Make a base64 encoding of the completed string
$signedStr = base64_encode($auth);
$signature = hash_hmac('sha256', $signedStr, $this->secret);
$headers = array (
'KC-API-KEY:' . $this->key,
'KC-API-NONCE:' . $nonce,
'KC-API-SIGNATURE:' . $signature,
);
// POST is not allowed so we attach the parameter to the url
$curl = $this->base . $endpoint . "?" . $queryString;
// make the request
curl_setopt($ch, CURLOPT_URL, $curl);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
// do not print output to screen
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$result = curl_exec($ch);
return $result;
}
Tested with endpoint '/v1/account/balances'
public function getWalletBalance()
{
$params = array(
'limit' => '12',
'page' => '1'
);
$balance = $this->signedRequest("/v1/account/balances", $params);
return $this->_getFormattedBalance($balance);
}
You need to order your params alphabetically in both the query string and post request. Their docs need a little improvement but this is stated in them somewhere.
$querystring = "amount=5514.70588235&price=0.00000748&symbol=POE-BTC&type=BUY";
curl_setopt($ch, CURLOPT_POSTFIELDS, "amount=5514.70588235&price=0.00000748&symbol=POE-BTC&type=BUY");
I am trying to create the proper signature for the Ascentis API. There documentation is http://www.ascentis.com/API/Ascentis_API_Documentation.pdf. Page 4 describes the Signature format.
Here is my PHP code. Am I doing something wrong? I get a "not authorized error".
$url='https://selfservice2.ascentis.com/mycompany/api/v1.1/employees';
$timestamp=gmdate('Y-m-d\TH:i:s\Z');
$path=strtolower(str_replace('https://selfservice2.ascentis.com','',$url));
$signature_string="GET {$path} {$timestamp}";
$signature=hash_hmac("sha1",$signature_string,$secret_key);
$authorization=encodeUrl($client_key).':'.encodeUrl($signature);
Here's a more complete example. Props to #Steve Lloyd for getting me in the right direction.
$codes['secret_key'] = 'my_secret';
$client_key = 'my_key';
$url = 'https://selfservice.ascentis.com/my_company/api/v1.1/employees?lastname=%s';
$timestamp = gmdate('Y-m-d\TH:i:s\Z');
$path = strtolower(str_replace('https://selfservice.ascentis.com', '', $url));
$signature_string = "GET {$path} {$timestamp}";
$signature = base64_encode(hash_hmac("sha1", $signature_string, $codes['secret_key'], TRUE));
$authorization = urlencode($client_key) . ':' . urlencode($signature);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
"Authorization: " . $authorization,
"Accept: application/xml",
"Timestamp: " . $timestamp,
]);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
$data = curl_exec($ch);
$info = curl_getinfo($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
echo "Received $httpcode from $url\n";
echo "Key: $client_key\n";
echo "Signature: $signature\n";
echo "authorization: $authorization\n";
echo "request info:" . var_export($info, TRUE) . "\n";
echo "data:\n";
var_export($data, TRUE)
After playing the trial and error game I was able to get this working. It turns out that you have to set hash_hmac to raw_output. Here is the working code:
$url='https://selfservice2.ascentis.com/mycompany/api/v1.1/employees';
$timestamp=gmdate('Y-m-d\TH:i:s\Z');
$path=strtolower(str_replace('https://selfservice2.ascentis.com','',$url));
$signature_string="GET {$path} {$timestamp}";
$signature=base64_encode(hash_hmac("sha1",$signature_string,$codes['secret_key'],true));
$authorization=encodeUrl($client_key).':'.encodeUrl($signature);
I am trying to authenticate the google account using this tutorial. I am passing just my username and password but it returning false. I am new to it. Here is the function i am calling
function googleAuthenticate($username, $password, $source = 'your_google_app', $service = 'lh2') {
$session_token = $source . '_' . $service . '_auth_token';
// get an authorization token
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.google.com/accounts/ClientLogin");
$post_fields = "accountType=" . urlencode('GOOGLE')
. "&Email=" . urlencode($username)
. "&Passwd=" . urlencode($password)
. "&source=" . urlencode($source)
. "&service=" . urlencode($service);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, TRUE);
curl_setopt($ch, CURLINFO_HEADER_OUT, true); // for debugging the request
curl_setopt($ch, CURLOPT_VERBOSE, true); // for debugging the request
var_dump(curl_getinfo($ch,CURLINFO_HEADER_OUT));
echo "<br>";
var_dump($post_fields);
echo "<br>";
$response = curl_exec($ch);
curl_close($ch);
var_dump($response);
exit();
if (strpos($response, '200 OK') === false) {
return false;
}
// find the auth code
preg_match("/(Auth=)([\w|-]+)/", $response, $matches);
if (!$matches[2]) {
return false;
}
$_SESSION[$session_token] = $matches[2];
return $matches[2];
}