HitBTC Post Error Wrong Signature | Bitcointalksearch.org

bigj

full member

Activity: 198

Merit: 100

Quote from: fiveironfrnzy08 on July 23, 2014, 12:46:23 PM

HitBTC replied with an example that helped me find the issue!

What I was missing was that I was generating the signature with

http://demo-api.hitbtc.com/api/1/trading/balance?nonce=NONCE&apikey=APIKEY

Rather than just...

api/1/trading/balance?nonce=NONCE&apikey=APIKEY

It appears that the signature cannot include the http portion... It is only required for the HttpGet constructor.

Thank you for your help!

Just to be precise, it must be

/api/1/trading/balance?nonce=NONCE&apikey=APIKEY

starting with a slash "/".

fiveironfrnzy08

newbie

Activity: 4

Merit: 0

HitBTC replied with an example that helped me find the issue!

What I was missing was that I was generating the signature with

http://demo-api.hitbtc.com/api/1/trading/balance?nonce=NONCE&apikey=APIKEY

Rather than just...

api/1/trading/balance?nonce=NONCE&apikey=APIKEY

It appears that the signature cannot include the http portion... It is only required for the HttpGet constructor.

Thank you for your help!

fiveironfrnzy08

newbie

Activity: 4

Merit: 0

Thank you for the replies!

I have reached out to the HitBTC staff and they are looking it over. Forum responses are much more prompt and numerous, however

I do understand that the trading API needs the signature, I'm just not sure I'm providing it properly... Here is a snippet that I sent them, regarding a call to the balance method in the trading API.

First, "url" is being generated as:
http://demo-api.hitbtc.com/api/1/trading/balance?nonce=1406121935&apikey=MYAPIKEY

This is passed into the mac/signature generation and added to the HttpGet header:

Code:

		key = new SecretKeySpec( SECRET.getBytes( "UTF-8" ), "HmacSHA512" );
		// Create a new mac
		mac = Mac.getInstance( "HmacSHA512" );
		// Init mac with key.
		mac.init( key );

		headers.add( new BasicHeader( "X-Signature", Hex.encodeHexString( mac.doFinal( new String( url ).toLowerCase( ).getBytes( "UTF-8" ) ) ) ) );

		// Now do the actual request
		HttpClient client = HttpClientBuilder.create( ).build( );
		HttpPost post = null;
		HttpGet get = null;
		HttpResponse response = null;
		
 		if ( "POST".equalsIgnoreCase( requestType ) ) {


 			post = new HttpPost( new URI( url.toLowerCase( ) ) );
			post.setEntity( new UrlEncodedFormEntity( urlParameters ) );
			post.setHeaders( headers.toArray( new Header[ headers.size( ) ] ) );
			response = client.execute( post );

		} else if ( "GET".equalsIgnoreCase( requestType ) ) {

			get = new HttpGet( new URI( url.toLowerCase( ) ) );
			get.setHeaders( headers.toArray( new Header[ headers.size( ) ] ) );
			response = client.execute( get );

cozytrade

sr. member

Activity: 1097

Merit: 310

Seabet.io | Crypto-Casino

While market data API does not need signature, Trading API needs X-Signature header with hmac sha512 based signature of urlpath including nonce and key. What value did you set?

arieq

sr. member

Activity: 364

Merit: 256

I think you should contact them (admin of hitbtc) or perhaps you may get a brief assistance by posting it in hitbtc's official thread here
https://bitcointalk.org/index.php?topic=378827.320

fiveironfrnzy08

newbie

Activity: 4

Merit: 0

Good afternoon,

I'm getting a message back that is specifying "Wrong signature" with code "NotAuthorized" when sending any requests from the HitBTC Trading API. The market data API requests work fine, all of the permissions are checked in the setting in my account.

Any ideas what the problem could be?
Let me know what info would be helpful.

Thank you!
Ryan

Topic: HitBTC Post Error Wrong Signature (Read 2038 times)