调用 Coinbase pro 沙箱 api 时,无效:401 未经授权。文本:“{"message":"invalid signature"}” Kotlin
when calling Coinbase pro sandbox api, invalid: 401 Unauthorized. Text: "{"message":"invalid signature"}" Kotlin
我想做的是调用 Coinbase 沙箱 API 获取配置文件的所有帐户。
我正在关注官方文档 https://docs.cloud.coinbase.com/exchange/reference/exchangerestapi_getaccounts
但是不断收到此错误
Client request(https://api-public.sandbox.exchange.coinbase.com/accounts) invalid: 401 Unauthorized. Text: "{"message":"invalid signature"}"
我是不是漏掉了什么?
suspend fun getTradingAccounts(): String {
val timestamp = getTimeStamp()
val response: String = client.get("https://api-public.sandbox.exchange.coinbase.com/accounts") {
headers {
append("Accept", "application/json")
append("Content-Type", "application/json")
append(
"cb-access-key",
"MY_KEY..."
)
append("cb-access-passphrase", "MY_PASSPHRASE....")
append("cb-access-sign", signMessage(
timestamp = timestamp,
method = "GET",
path = "https://api-public.sandbox.exchange.coinbase.com/accounts"
))
append("cb-access-timestamp", timestamp)
}
}
return response
}
private fun getTimeStamp(): String {
val time = LocalDateTime.now()
val zoneId = ZoneId.of("Europe/London")
val epoch = time.atZone(zoneId).toEpochSecond()
return epoch.toString()
}
@Throws(NoSuchAlgorithmException::class, InvalidKeyException::class)
private fun signMessage(timestamp: String, method: String, path: String): String {
val prehash = timestamp + method + path
val sha256_HMAC = Mac.getInstance("HmacSHA256")
val secretDecoded: ByteArray = Base64.getDecoder().decode("MY_API_KEY==")
val secret_key = SecretKeySpec(secretDecoded, "HmacSHA256")
sha256_HMAC.init(secret_key)
return Base64.getEncoder().encodeToString(sha256_HMAC.doFinal(prehash.toByteArray()))
}
据我所知,您的消息签名代码在连接消息组件时未使用请求正文 JSON 字符串。这是我的函数版本,对于相同的输入,returns 与 NodeJS script 中的字符串相同:
import kotlinx.serialization.ExperimentalSerializationApi
import kotlinx.serialization.Serializable
import kotlinx.serialization.encodeToString
import kotlinx.serialization.json.Json
import java.util.*
import javax.crypto.Mac
import javax.crypto.spec.SecretKeySpec
fun main() {
val result = sign(
secret = "TVlfQVBJX0tFWQ==",
timestampMs = System.currentTimeMillis(),
method = "POST",
requestPath = "/orders",
request = Req(
price = "1.0",
size = "1.0",
side = "buy",
product_id = "BTC-USD",
)
)
println(result)
}
@OptIn(ExperimentalSerializationApi::class)
fun sign(timestampMs: Long, method: String, requestPath: String, request: Req, secret: String): String {
val accessTimestamp = timestampMs / 1000.0
val message = "%.3f".format(accessTimestamp) + method + requestPath + Json.encodeToString(request)
val sha256HMAC = Mac.getInstance("HmacSHA256")
val key: ByteArray = Base64.getDecoder().decode(secret)
sha256HMAC.init(SecretKeySpec(key, "HmacSHA256"))
return Base64.getEncoder().encodeToString(
sha256HMAC.doFinal(message.toByteArray())
)
}
@Serializable
data class Req(val price: String, val size: String, val side: String, val product_id: String)
我想做的是调用 Coinbase 沙箱 API 获取配置文件的所有帐户。
我正在关注官方文档 https://docs.cloud.coinbase.com/exchange/reference/exchangerestapi_getaccounts
但是不断收到此错误
Client request(https://api-public.sandbox.exchange.coinbase.com/accounts) invalid: 401 Unauthorized. Text: "{"message":"invalid signature"}"
我是不是漏掉了什么?
suspend fun getTradingAccounts(): String {
val timestamp = getTimeStamp()
val response: String = client.get("https://api-public.sandbox.exchange.coinbase.com/accounts") {
headers {
append("Accept", "application/json")
append("Content-Type", "application/json")
append(
"cb-access-key",
"MY_KEY..."
)
append("cb-access-passphrase", "MY_PASSPHRASE....")
append("cb-access-sign", signMessage(
timestamp = timestamp,
method = "GET",
path = "https://api-public.sandbox.exchange.coinbase.com/accounts"
))
append("cb-access-timestamp", timestamp)
}
}
return response
}
private fun getTimeStamp(): String {
val time = LocalDateTime.now()
val zoneId = ZoneId.of("Europe/London")
val epoch = time.atZone(zoneId).toEpochSecond()
return epoch.toString()
}
@Throws(NoSuchAlgorithmException::class, InvalidKeyException::class)
private fun signMessage(timestamp: String, method: String, path: String): String {
val prehash = timestamp + method + path
val sha256_HMAC = Mac.getInstance("HmacSHA256")
val secretDecoded: ByteArray = Base64.getDecoder().decode("MY_API_KEY==")
val secret_key = SecretKeySpec(secretDecoded, "HmacSHA256")
sha256_HMAC.init(secret_key)
return Base64.getEncoder().encodeToString(sha256_HMAC.doFinal(prehash.toByteArray()))
}
据我所知,您的消息签名代码在连接消息组件时未使用请求正文 JSON 字符串。这是我的函数版本,对于相同的输入,returns 与 NodeJS script 中的字符串相同:
import kotlinx.serialization.ExperimentalSerializationApi
import kotlinx.serialization.Serializable
import kotlinx.serialization.encodeToString
import kotlinx.serialization.json.Json
import java.util.*
import javax.crypto.Mac
import javax.crypto.spec.SecretKeySpec
fun main() {
val result = sign(
secret = "TVlfQVBJX0tFWQ==",
timestampMs = System.currentTimeMillis(),
method = "POST",
requestPath = "/orders",
request = Req(
price = "1.0",
size = "1.0",
side = "buy",
product_id = "BTC-USD",
)
)
println(result)
}
@OptIn(ExperimentalSerializationApi::class)
fun sign(timestampMs: Long, method: String, requestPath: String, request: Req, secret: String): String {
val accessTimestamp = timestampMs / 1000.0
val message = "%.3f".format(accessTimestamp) + method + requestPath + Json.encodeToString(request)
val sha256HMAC = Mac.getInstance("HmacSHA256")
val key: ByteArray = Base64.getDecoder().decode(secret)
sha256HMAC.init(SecretKeySpec(key, "HmacSHA256"))
return Base64.getEncoder().encodeToString(
sha256HMAC.doFinal(message.toByteArray())
)
}
@Serializable
data class Req(val price: String, val size: String, val side: String, val product_id: String)