Gdax api在POST请求中返回无效签名

时间:2018-04-05 18:39:17

标签: java gdax-api

我正在尝试与GDAX-API集成,并且我已成功设置了GET呼叫并收到了答案,但是当我尝试拨打POST电话时,我得到以下答案 {"消息":"无效签名"}

我在这里看到了一些东西:https://www.reddit.com/r/GDAX/comments/7twdfv/gdax_api_invalid_signature_problem/

但我不确定这是不是问题...

我的签名部分基于Gdax https://github.com/irufus/gdax-java

提到的java库

这是我的代码中有趣的部分

public String purchaseOrder(String jsonOrder) throws ClientProtocolException, IOException {
        CloseableHttpClient client = HttpClientBuilder.create().build();
        HttpPost request = new HttpPost(BASE_URL + "/orders");
        String timestamp = Instant.now().getEpochSecond() + "";
        request.addHeader("accept", "application/json");
        request.addHeader("content-type", "application/json");
        request.addHeader("User-Agent", "gdax-java-client");
        request.addHeader(CB_ACCESS_KEY, API_KEY);
        request.addHeader(CB_ACCESS_SIGN, generateSignedHeader("/orders", "POST", jsonOrder, String.valueOf(timestamp)));
        request.addHeader(CB_ACCESS_TIMESTAMP, String.valueOf(timestamp));
        request.addHeader(CB_ACCESS_PASSPHRASE, PASSPHRASE);

        HttpResponse response = client.execute(request);
        String jsonResponse = EntityUtils.toString(response.getEntity(), "UTF-8");
        client.close();
        return jsonResponse;
    }

    private String generateSignedHeader(String requestPath, String method, String body, String timestamp) {
        try {
            String prehash = timestamp + method.toUpperCase() + requestPath + body;
            byte[] secretDecoded = Base64.getDecoder().decode(API_SECRET);
            SecretKeySpec keyspec = new SecretKeySpec(secretDecoded, Mac.getInstance("HmacSHA256").getAlgorithm());
            Mac sha256 = (Mac) Mac.getInstance("HmacSHA256").clone();
            sha256.init(keyspec);
            String response = Base64.getEncoder().encodeToString(sha256.doFinal(prehash.getBytes()));
            System.out.println(response);
            return response;
        } catch (CloneNotSupportedException | InvalidKeyException e) {
            System.out.println(e);
            throw new RuntimeErrorException(new Error("Cannot set up authentication headers."));
        } catch (NoSuchAlgorithmException e) {
            System.out.println(e);
            throw new RuntimeErrorException(new Error("Cannot set up authentication headers."));

        }
    }

我在测试请求中打印了json

{"side":"buy","type":"market","product_id":"BTC-USD","size":0.01000000000000000020816681711721685132943093776702880859375}

EDIT !!!!!!!

由于某种原因我没有丢弃最后3位数(ms)的时间戳问题 所以即时通过,但现在我正在

  

{" message":"请求时间戳已过期"}

1 个答案:

答案 0 :(得分:0)

时间戳必须是自Unix时代(1970年1月1日)以来的秒数。

您可以包含微秒,但您必须有一段时间(即123.456)。

您收到的消息错误是因为服务器和GDAX服务器之间的时间差不多。很可能你没有为ms关闭的时间段约为×1000 ......