Coincheck API verification doesn't work.
In the API overview of the official website of Coincheck,
---------------
For requests that require authentication, the following information needs to be included in the HTTP Header for the request.
ACCESS-KEYAccess key created with API key
ACCESS-NONCEA positive integer that must be incremented for each request. UNIX time stamp is usually used. The maximum value is 9223372036854775807. It is managed for each API key.
ACCESS-SIGNATURESIGNATURE described later
SIGNATURCreate E
SIGNATURE is the result of concatenating all of ACCESS-NONCE, request destination URL, and request body into a string and concatenating them using the secret key in HMAC-SHA256 hash format.
SIGNATURRegarding the creation of E, the parts such as API_SECRET of the sample code have been changed.
$strUrl = "https://coincheck.com/api/accounts/balance";
$intNonce = time();
$arrQuery = array("hoge" =>"foo");
$strAccessSecret = "API_SECRET";
$strMessage = $intNonce .$strUrl .http_build_query($arrQuery);
$strSignature = hash_hmac("sha256", $strMessage, $strAccessSecret);
# =>"3bc1f33d802056c61ba8c8108f6ffb7527bcd184461a3ea0fed3cee0a22ae15d"
Based on the above
//Temporary value
$strAccessKey = "access key";
$strUrl = "https://coincheck.com/api/accounts/balance";
$intNonce = time();
$arrQuery = array("hoge" =>"foo");
// secret access key
$strAccessSecret = "API_SECRET";
$strMessage = $intNonce .$strUrl .http_build_query($arrQuery);
$strSignature = hash_hmac("sha256", $strMessage, $strAccessSecret);
//http header information
$headers = array(
"ACCESS-KEY :" .$strAccessKey,
"ACCESS-NONCE :" .$intNonce,
"ACCESS-SIGNATURE :" .$strSignature,"Content-Type: application/x-www-form-urlencoded"
);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $base_url);
curl_setopt($curl, CURLOPT_CUSTOMREQUEST,'GET');
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
//Add header option
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
$response = curl_exec($curl);
// check if an error occurred
if (!curl_errno($curl)) {
$info = curl_getinfo($curl);
echo'Took', $info['total_time'],
'seconds to send a request to', $info['url'],
"\n";
}
$result = json_decode($response, true);
curl_close($curl);
//array(2) {["success"]=>bool(false) ["error"]=>string(22) "invalid authentication"}
// invalid authentication
var_dump($result);
exit();
As a result of executing
//array(2) {["success"]=>bool(false) ["error"]=>string(22) "invalid authentication"}
// invalid authentication
It will become.
// check if an error occurred
if (!curl_errno($curl))
Since there is no error in, I think that the request itself has arrived well.
I also checked the access key and secret key for mistakes.
I didn't understand the cause, so I would appreciate it if you could give me some opinions.
// Addition part
$arrQuery = array("hoge" =>"foo");
Remove the above
I rewrote the $headers as follows and successfully got it.
$headers = array(
"ACCESS-KEY: {$strAccessKey}",
"ACCESS-SIGNATURE: {$strSignature}",
"ACCESS-NONCE: {$intNonce}",
);
Exchange API Document (below)
https://coincheck.com/en/documents/exchange/api#account-balance
Of the balance of
{
"success": true,
"jpy": "0.8401",
"btc": "7.75052654",
"jpy_reserved": "3000.0",
"btc_reserved": "3.5002",
"jpy_lend_in_use": "0",
"btc_lend_in_use": "0.3",
"jpy_lent": "0",
"btc_lent": "1.2",
"jpy_debt": "0",
"btc_debt": "0"
}
Is this unrelated to the request body?
*Create SIGNATURE
SIGNATURE is ACCESS-NONCE, request URL,Request bodyIs the result of concatenating all the strings into a string and using the secret key in the HMAC-SHA256 hash format.
-
Answer # 1
-
Answer # 2
It's not an essential answer, but since such a library is open to the public, I think you should try it and read the source.
https://github.com/coincheckjp/coincheck-php
Related articles
- php preg_replace doesn't work
- php - date format doesn't work in laravel unit tests
- unlink () doesn't work with php from ajax
- php - vbscript doesn't work on apache/216 to apache/246
- php - feed-in code doesn't work
- php: doesn't work properly when converted to a function
- php - laravel multi-login feature doesn't work
- php password_verify () doesn't work
- php - linebot doesn't return a standard reply
- memcached doesn't work after php version upgrade
- php - it doesn't work to remove whitespace and line feed code after converting an array to a string
- php - i use wordpress, but require_once doesn't work
- php - javascript confirm doesn't work well
- php - why doesn't lock tables work unless i write "table prefix (wp_)" in wordpress?
- php - i want to pass laravel login authentication
- php - i want to separate authentication and non-authentication of method use by user name with session function
- login function doesn't work well with php
- php - about laravel authentication restrictions
- php - [laravel] auth is not authenticated by the test code for login authentication
- php - standard output doesn't work
I have not verified it...
to $arrQuery
array("hoge" =>"foo");
Why is it set?API documentation
Authentication-Exchange API overview
Or
Balance-Exchange API Overview
As far as you can see, "Balance" does not have a request body, so isn't it an unnecessary parameter?