Authentication

Every private data or bot endpoint is secured with a private key

Arrange the parameters in ascending alphabetical order
Combine them with &. Don't URL encode them.
Encode complete string to UTF8.
Create a SHA256 signature from the encoded string and the Local API token.
Remove - from the signature
Make sure the signature is upper case.
Add "&sig=signature" to the URL.

public string CreateSignature(Dictionary<string, string> parameters, string privateKey)
{
    var parametersString = string.Empty;
    foreach (var parameter in parameters.OrderBy(c => c.Key))
        parametersString += $"&{parameter.Key}={parameter.Value}";

    parametersString = parametersString.TrimStart('&');
    var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(privateKey));
    var hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(parametersString));
    var sig = BitConverter.ToString(hash).Replace("-", "");

    return sig;
}

echo -n $parameters | iconv -f ascii -t utf8 | openssl sha256 -hmac "$key" | awk '{ print toupper($2) }'

HexEncode (CryptAuthCode ( "abc + UTF-8 ordered parameters in other words string"; "SHA256"; "local api key" ))

import hmac
import hashlib
import collections
from typing import Dict


    @staticmethod
    def generate_signature(parameters: Dict[str, str], privatekey: str):
        parameter_string = ""

        parameters = collections.OrderedDict(sorted(parameters.items()))

        for key, value in parameters.items():
            parameter_string += "&" + str(key) + "=" + str(value)

        parameter_string = parameter_string.replace("&", "", 1)

        key = bytes(privatekey, 'UTF-8')
        message = bytes(parameter_string, 'UTF-8')

        digester = hmac.new(key, message, hashlib.sha256)
        signature = digester.digest()
        signature = signature.hex().replace("-", "").upper()

        r

PreviousUsing Local API Server NextResponse

Last updated 6 years ago

Was this helpful?