Coinbase沙盒API /账户调用-带curl的签名无效

ztigrdn8  于 2022-11-13  发布在  其他
关注(0)|答案(1)|浏览(133)

问候语,
看起来我有一个类似的问题,其他人(herehere),但似乎是错过了一些明显的。试图调用Coinbase沙盒API /帐户,以获得一个帐户列表。字面上最基本的调用进入这个...
遵循X1 e2f1x的SIGN文件
为了理解这个问题,我使用了标准的BASH脚本,并调用了curl

#!/usr/bin/env bash

TS=$(date +%s)
API_KEY=fbb28bed4617217f482d878770b8c9b7
PASSPHRASE="passphrase87867"
SECRET="apcep9z66jyW3koh5uHhnq0hKQ5q59EBgTtpZ/GsvN9aigrFbxMpuz+YP7xXo/ev+OBZpqmv4OpCk7OKx6qGbw=="
URL="https://api-public.sandbox.exchange.coinbase.com/accounts"
#https://api.exchange.coinbase.com/accounts \
#https://api-public.sandbox.pro.coinbase.com/accounts \

SIG=$(echo "${TS}GET/accounts" | hmac256 --binary $API_KEY | base64)
#SIG=$(echo "${TS}GET/accounts" | hmac256 --binary $SECRET | base64)
#also tried with PASSPHRASE & SECRET and without base64:
#SIG=$(echo "${TS}GET/accounts" | hmac256 $PASSPHRASE)
#SIG=$(echo "${TS}GET/accounts" | hmac256 $SECRET)

curl --request GET \
     --url $URL \
     --header 'Accept: application/json' \
     --header "cb-access-key: $API_KEY" \
     --header "cb-access-passphrase: $PASSPHRASE" \
     --header "cb-access-sign: $SIG" \
     --header "cb-access-timestamp: $TS"

注解表示我尝试过的各种设置。

我只是不断收到{"message":"invalid signature"}错误。
我很感激你的指点。
/update:这个页面包含了一个计算签名的方法(binance,是的,我明白讽刺的意思):请https://binance-docs.github.io/apidocs/spot/en/#signed-trade-user_data-and-margin-endpoint-security:

echo -n "symbol=LTCBTC&side=BUY&type=LIMIT&timeInForce=GTC&quantity=1&price=0.1&recvWindow=5000&timestamp=1499827319559" | openssl dgst -sha256 -hmac "NhqPtmdSJYdKjVHjA7PZj4Mge3R5YNiP1e3UZjInClVN65XAbvqqM6A7H5fATj0j"

谢谢

s2j5cfk0

s2j5cfk01#

为了完整起见,下面是C#解决方案:

using RestSharp;
using System.Text;
using System.Security.Cryptography;
using System.Globalization;

string computeSignature(
        HttpMethod httpMethod,
        string secret,
        double timestamp,
        string requestUri,
        string contentBody = "")
{
    var convertedString = System.Convert.FromBase64String(secret);
    var prehash = timestamp.ToString("F0", CultureInfo.InvariantCulture) + httpMethod.ToString().ToUpper() + requestUri + contentBody;
    return hashString(prehash, convertedString);
}

string hashString(string str, byte[] secret)
{
    var bytes = Encoding.UTF8.GetBytes(str);
    using (var hmaccsha = new HMACSHA256(secret))
    {
        return System.Convert.ToBase64String(hmaccsha.ComputeHash(bytes));
    }
}

var timeStamp = DateTimeOffset.Now.ToUnixTimeSeconds();
var apiKey = "fbb28bed4617217f482d878770b8c9b7";
var passPhrase = "passphrase87867";
var secret = "apcep9z66jyW3koh5uHhnq0hKQ5q59EBgTtpZ/GsvN9aigrFbxMpuz+YP7xXo/ev+OBZpqmv4OpCk7OKx6qGbw==";
var URL = "https://api-public.sandbox.exchange.coinbase.com/accounts";

var client = new RestClient(URL);
var request = new RestRequest();
request.AddHeader("Accept", "application/json");
request.AddHeader("cb-access-key", apiKey);
request.AddHeader("cb-access-passphrase", passPhrase);
request.AddHeader("cb-access-sign", computeSignature(HttpMethod.Get, secret, timeStamp, "/accounts"));
request.AddHeader("cb-access-timestamp", timeStamp);
RestResponse response = client.Execute(request);
// ...

相关问题