MtGox API version 2: Unofficial Documentation - page 3.

nitrous

sr. member

Activity: 246

Merit: 250

Quote from: MusX on September 02, 2013, 05:20:23 PM

Quote from: nitrous on September 02, 2013, 05:01:28 PM

or if the order has already been filled.

this the the case which I would handle, is there any better way to catch that error other than suppress market api error? there should be, open orders can disappear in any time.

Sorry, no, you'll just have to check for errors yourself. Anyway, the HTTP API can be unreliable at times so you will need to handle unexpected errors for all methods.

MusX

full member

Activity: 175

Merit: 100

Quote from: nitrous on September 02, 2013, 05:01:28 PM

or if the order has already been filled.

this the the case which I would like to handle, is there any better way to catch that error other than suppress market api error? there should be, open orders can disappear in any time.

Quote from: nitrous on September 02, 2013, 05:01:28 PM

MtGox's websocket API

this would be the whole new project which currently I don't have time to code.

Quote from: nitrous on September 02, 2013, 05:01:28 PM

But if you think you have a different approach and want to do it, feel free to create your own script

I think I will try

nitrous

sr. member

Activity: 246

Merit: 250

Quote from: MusX on September 02, 2013, 04:32:20 PM

Hi,

Anybody could recommend how to handle cancel order launched on inactive order?
You can simply have an open order, fetch it's oid, but before you will launch cancel particular oid somebody can fill it.
Currently the mtgox api returns: Error: Internal Server Error, I'm almost sure it is with result = 'error'.
Would be nice direct "cancel all open orders on particular currency" method

Another question is time threshold described in the most logic way to code "antispam guard", there are some methods which has different api call limits than others in the different time frames, would be good to setup the antispam guardian in the most fitted way.

I remember there was an issue with full trades history download, I can code a script which can download the recent trades history and the csv full history from bitcoincharts and match them. It can be better way than some cloud solution. If anyone interested please write an output format: csv, sql script, sqlite db.

Regards

You usually shouldn't get an error. Errors should only occur if the server is having problems or if the order has already been filled. There is no way to cancel all open orders at once. Instead you can do this by calling BTCUSD/money/orders, and then cancelling each of the orders individually.

Usually, a maximum of 10 API requests per 10 seconds will be a good antispam-guard. If you want to do more frequent API calls, try using MtGox's websocket API

There are already some people working on this:

But if you think you have a different approach and want to do it, feel free to create your own script

MusX

full member

Activity: 175

Merit: 100

Hi,

Anybody could recommend how to handle cancel order launched on inactive order?
You can simply have an open order, fetch it's oid, but before you will launch cancel particular oid somebody can fill it.
Currently the mtgox api returns: Error: Internal Server Error, I'm almost sure it is with result = 'error'.
Would be nice direct "cancel all open orders on particular currency" method

Another question is time threshold described in the most logic way to code "antispam guard", there are some methods which has different api call limits than others in the different time frames, would be good to setup the antispam guardian in the most fitted way.

I remember there was an issue with full trades history download, I can code a script which can download the recent trades history and the csv full history from bitcoincharts and match them. It can be better way than some cloud solution. If anyone interested please write an output format: csv, sql script, sqlite db.

Regards

Lotus

jr. member

Activity: 107

Merit: 7

Hmm... I figured as much. I hope they would fix their API soon. Thanks.

nitrous

sr. member

Activity: 246

Merit: 250

Quote from: Lotus on August 06, 2013, 02:24:55 AM

Is there a reliable way to get completed/past order IDs to pass them to the "/money/order/result" query? It seems that whatever they return in the wallet history is not what this API expects.

BTW, great job nitrous on the documentation in general.

Unfortunately, not really.

Ideally you would need to capture the order ID from a 'money/order/add' request. If not, I believe you may be able to get the order ID from the websocket api if and when a change occurs while the trade is being processed. After it has completed, however, I don't believe there is a way to get its ID.

Your only other option is to collate the information provided by the wallet history to try to collect the information you need.

Lotus

jr. member

Activity: 107

Merit: 7

Is there a reliable way to get completed/past order IDs to pass them to the "/money/order/result" query? It seems that whatever they return in the wallet history is not what this API expects.

BTW, great job nitrous on the documentation in general.

nitrous

sr. member

Activity: 246

Merit: 250

divergenta

full member

Activity: 162

Merit: 100

marcomagno

newbie

Activity: 4

Merit: 0

Thanks. I was scouting for another set of few hours to understand how a trading bot extension for Chrome (entirely written in JS) could do it. Then i found that there is a setting that applies only to extensions to disable access control. One can disable access control for Chrome but then the browser needs to be launched with arguments.

I will go for your idea and create a php page server side to handle the requests.

Unwanted setback... Undecided

but, thanks a lot!

nitrous

sr. member

Activity: 246

Merit: 250

Quote from: marcomagno on July 30, 2013, 07:27:19 AM

Hi Guys, I have been beating my head on this for more than 10hours...

I have written the following javascript code, with the incredibly generous help of the un-official guide:

Code:

function auth() {
var RestKey= 'my API KEY';
var tonce = microtime();
var secret = 'my secret';

var message = 'BTCUSD/money/info' + '\0';
var RestSign = hmac_512(message,secret);
var path = 'https://data.mtgox.com/api/2/BTCUSD/money/info/';
var result = $.ajax({
                        url: path,
                        headers:{'tonce': tonce, 'Rest-Key': RestKey, 'Rest-Sign': RestSign},
                        type: 'POST',
                        success: function (data) {console.log(data);}
                        }); 
}

where hmac_512 is calculated with jsSHA:

Code:

function hmac_512(message, secret) {
    var shaObj = new jsSHA(message, "TEXT");
    var hmac = shaObj.getHMAC(secret, "B64", "SHA-512", "B64");
    return hmac;
}

the issue is that i keep getting the following error. I think I have tried all possible combinations, but no success. It seems like my headers are not accepted. It does not seem to be an origin-related kind of issue, because that is a different message normally.

Quote

OPTIONS https://data.mtgox.com/api/2/BTCUSD/money/info/ Request header field Rest-Sign is not allowed by Access-Control-Allow-Headers. jquery.min.js:4

XMLHttpRequest cannot load https://data.mtgox.com/api/2/BTCUSD/money/info/. Request header field Rest-Sign is not allowed by Access-Control-Allow-Headers.

Thanks in advance to any helpful soul that could take me out of my misery...

Most (all?) web browsers don't allow you to send ajax requests to other domains, as it presents a security vulnerability. In some browsers you can lower the security settings I think, and you may be able to get it working from localhost, but otherwise you'll need to use an intermediate server-side script to perform the request, and use ajax to talk to this script instead of MtGox.

marcomagno

newbie

Activity: 4

Merit: 0

Hi Guys, I have been beating my head on this for more than 10hours...

I have written the following javascript code, with the incredibly generous help of the un-official guide:

Code:

function auth() {
var RestKey= 'my API KEY';
var tonce = microtime();
var secret = 'my secret';

var message = 'BTCUSD/money/info' + '\0';
var RestSign = hmac_512(message,secret);
var path = 'https://data.mtgox.com/api/2/BTCUSD/money/info/';
var result = $.ajax({
                        url: path,
                        headers:{'tonce': tonce, 'Rest-Key': RestKey, 'Rest-Sign': RestSign},
                        type: 'POST',
                        success: function (data) {console.log(data);}
                        }); 
}

where hmac_512 is calculated with jsSHA:

Code:

function hmac_512(message, secret) {
    var shaObj = new jsSHA(message, "TEXT");
    var hmac = shaObj.getHMAC(secret, "B64", "SHA-512", "B64");
    return hmac;
}

the issue is that i keep getting the following error. I think I have tried all possible combinations, but no success. It seems like my headers are not accepted. It does not seem to be an origin-related kind of issue, because that is a different message normally.

Quote

OPTIONS https://data.mtgox.com/api/2/BTCUSD/money/info/ Request header field Rest-Sign is not allowed by Access-Control-Allow-Headers. jquery.min.js:4

XMLHttpRequest cannot load https://data.mtgox.com/api/2/BTCUSD/money/info/. Request header field Rest-Sign is not allowed by Access-Control-Allow-Headers.

Thanks in advance to any helpful soul that could take me out of my misery...

xchrix

hero member

Activity: 905

Merit: 1001

fixed my problem. i have switched the url from http to https...
cloudflare is really doing a bad job!

nitrous

sr. member

Activity: 246

Merit: 250

Quote from: xchrix on July 19, 2013, 09:08:02 AM

if i run the script from another IP everything is working fine! yes i get this message the since 24hours i think...

Quote from: nitrous on July 19, 2013, 07:08:15 AM

Quote from: xchrix on July 19, 2013, 04:11:17 AM

okay i think i got banned from the mtgox API Sad

Quote

Website is currently unreachable (1)
The website that you are trying to access is in Offline Mode, which means the server is not currently responding.
cloudflare.com

have fetched the trades once in 5 minutes. what shall i do?

That doesn't sound like you've been blocked by cloudflare, it should be more explicit than that. More likely, MtGox was actually offline at that moment. Are you still getting that message?

That's weird, maybe you have been then. Try going to #mtgox on freenode IRC and asking for some help. Your best bet is probably 9am-5pm tokyo time so you can ask someone actually at MtGox.

xchrix

hero member

Activity: 905

Merit: 1001

if i run the script from another IP everything is working fine! yes i get this message the since 24hours i think...

Quote from: nitrous on July 19, 2013, 07:08:15 AM

Quote from: xchrix on July 19, 2013, 04:11:17 AM

okay i think i got banned from the mtgox API Sad

Quote

Website is currently unreachable (1)
The website that you are trying to access is in Offline Mode, which means the server is not currently responding.
cloudflare.com

have fetched the trades once in 5 minutes. what shall i do?

That doesn't sound like you've been blocked by cloudflare, it should be more explicit than that. More likely, MtGox was actually offline at that moment. Are you still getting that message?

nitrous

sr. member

Activity: 246

Merit: 250

Quote from: xchrix on July 19, 2013, 04:11:17 AM

okay i think i got banned from the mtgox API Sad

Quote

Website is currently unreachable (1)
The website that you are trying to access is in Offline Mode, which means the server is not currently responding.
cloudflare.com

have fetched the trades once in 5 minutes. what shall i do?

That doesn't sound like you've been blocked by cloudflare, it should be more explicit than that. More likely, MtGox was actually offline at that moment. Are you still getting that message?

xchrix

hero member

Activity: 905

Merit: 1001

okay i think i got banned from the mtgox API Sad

Quote

Website is currently unreachable (1)
The website that you are trying to access is in Offline Mode, which means the server is not currently responding.
cloudflare.com

have fetched the trades once in 5 minutes. what shall i do?

nitrous

sr. member

Activity: 246

Merit: 250

Quote from: zhangweiwu on July 12, 2013, 11:35:42 PM

Quote from: nitrous on July 12, 2013, 08:46:59 AM

I've compiled some information about the socket api here https://bitbucket.org/nitrous/mtgox-api/src/master/socket?at=master with example python code.

Thanks! tested and it works for me. Here is a minimalist sample that works on python3. There are a lot of changes needed for python3, including frequently converting str to bytes, incompatible urlencode() and lack of urllib2. This example uses python-requests to shorten the code in attempt to manifest the security measurement:

That's great, thanks

If you don't mind, I've uploaded it to the example code section.

zhangweiwu

sr. member

Activity: 313

Merit: 250

Quote from: nitrous on July 12, 2013, 08:46:59 AM

I've compiled some information about the socket api here https://bitbucket.org/nitrous/mtgox-api/src/master/socket?at=master with example python code.

Thanks! tested and it works for me. Here is a minimalist sample that works on python3. There are a lot of changes needed for python3, including frequently converting str to bytes, incompatible urlencode() and lack of urllib2. This example uses python-requests to shorten the code in attempt to manifest the security measurement:

Code:

import hmac, base64, hashlib, urllib, time, requests

base = 'https://data.mtgox.com/api/2/'
key = ""
sec = ""

def request(get_or_post, path, inp={}):

    def sign(path, data): # not used by any other functions
        return hmac.new(base64.b64decode(bytes(sec, 'UTF-8')), 
            bytes(path+chr(0)+data, 'UTF-8'), hashlib.sha512)

    if get_or_post == 'get':
        return requests.get(base+path)

    inp[u'tonce'] = str(int(time.time()*1e6))
    post_data = urllib.parse.urlencode(inp)
    headers = {
        'Content-Type': 'application/x-www-form-urlencoded',
        'Rest-Key': key,
        'Rest-Sign': base64.b64encode(sign(path, post_data).digest())
    }
    return requests.post(base+path, data = post_data, headers = headers)

# example: get
#r = request('get', 'BTCUSD/money/ticker_fast')
#print(r.text)

# example: post
#r = request('post', 'BTCUSD/money/info')
#print(r.text)

# example: post with params (use your own order ID here)
#data = {'order': 'd5111d57-c495-48a0-923d-59b729dba331', 'type':'ask'}
#r = request('post', 'BTCUSD/money/order/result', data)
#print(r.text)

Output (activated the last most-complicated example)

Code:

!python3 /tmp/test.py
[No se ha escrito nada al disco desde el último cambio]
{"result":"success","data":{"order_id":"d5111d57-c495-48a0-923d-59b729dba331","trades":[{"trade_id":"1373688054789976","primary":"Y","currency":"USD","type":"ask
","properties":"limit","item":"BTC","amount":{"value":"0.01000000","value_int":"1000000","display":"0.01000000\u00a0BTC","display_short":"0.01\u00a0BTC","currenc
y":"BTC"},"price":{"value":"91.89874","value_int":"9189874","display":"$91.89874","display_short":"$91.90","currency":"USD"},"spent":{"value":"0.91899","value_in
t":"91899","display":"$0.91899","display_short":"$0.92","currency":"USD"},"date":"2013-07-13 04:00:54"}],"total_amount":{"value":"0.01000000","value_int":"100000
0","display":"0.01000000\u00a0BTC","display_short":"0.01\u00a0BTC","currency":"BTC"},"total_spent":{"value":"0.91899","value_int":"91899","display":"$0.91899","d
isplay_short":"$0.92","currency":"USD"},"avg_cost":{"value":"91.89900","value_int":"9189900","display":"$91.89900","display_short":"$91.90","currency":"USD"}}}

zhangweiwu

sr. member

Activity: 313

Merit: 250

Quote from: nitrous on July 12, 2013, 08:46:59 AM

Hi zhangweiwu,

With regards to the example, sorry I thought I had tested it. I've pushed a new version that should work and uses the new tonce instead of nonce. Please note also that some API methods must be performed by GET now, and others by POST.

Thanks a lot! Decyphering the MtGox API really need some team work, because it is plain trial and error. The error message was never clear and some thing works something not. It is a waste of intelligence to try individually. For example I cannot figure out why I used to be able to repeatedly check order result this mid day and now I am not able to do it even once (HTTP Error 403: Forbidden) with exactly the same code -- guessing tounce can help exclude some causes. I am going to try it as soon as I am sober, now I am drinking because I got sick of it.

Sadly, It again showed that one doesn't have to be able to design well in order to occupy the market...

Topic: MtGox API version 2: Unofficial Documentation - page 3. (Read 62513 times)