Question

我正在尝试与GDAX-API集成，并且我已成功设置了GET呼叫并收到了答案，但是当我尝试拨打POST电话时，我得到以下答案 {＆＃34;消息＆＃34;：＆＃34;无效签名＆＃34;}

我在这里看到了一些东西：https://www.reddit.com/r/GDAX/comments/7twdfv/gdax_api_invalid_signature_problem/

但我不确定这是不是问题...

我的签名部分基于Gdax https://github.com/irufus/gdax-java

提到的java库

这是我的代码中有趣的部分

public String purchaseOrder(String jsonOrder) throws ClientProtocolException, IOException {
        CloseableHttpClient client = HttpClientBuilder.create().build();
        HttpPost request = new HttpPost(BASE_URL + "/orders");
        String timestamp = Instant.now().getEpochSecond() + "";
        request.addHeader("accept", "application/json");
        request.addHeader("content-type", "application/json");
        request.addHeader("User-Agent", "gdax-java-client");
        request.addHeader(CB_ACCESS_KEY, API_KEY);
        request.addHeader(CB_ACCESS_SIGN, generateSignedHeader("/orders", "POST", jsonOrder, String.valueOf(timestamp)));
        request.addHeader(CB_ACCESS_TIMESTAMP, String.valueOf(timestamp));
        request.addHeader(CB_ACCESS_PASSPHRASE, PASSPHRASE);

        HttpResponse response = client.execute(request);
        String jsonResponse = EntityUtils.toString(response.getEntity(), "UTF-8");
        client.close();
        return jsonResponse;
    }

    private String generateSignedHeader(String requestPath, String method, String body, String timestamp) {
        try {
            String prehash = timestamp + method.toUpperCase() + requestPath + body;
            byte[] secretDecoded = Base64.getDecoder().decode(API_SECRET);
            SecretKeySpec keyspec = new SecretKeySpec(secretDecoded, Mac.getInstance("HmacSHA256").getAlgorithm());
            Mac sha256 = (Mac) Mac.getInstance("HmacSHA256").clone();
            sha256.init(keyspec);
            String response = Base64.getEncoder().encodeToString(sha256.doFinal(prehash.getBytes()));
            System.out.println(response);
            return response;
        } catch (CloneNotSupportedException | InvalidKeyException e) {
            System.out.println(e);
            throw new RuntimeErrorException(new Error("Cannot set up authentication headers."));
        } catch (NoSuchAlgorithmException e) {
            System.out.println(e);
            throw new RuntimeErrorException(new Error("Cannot set up authentication headers."));

        }
    }

我在测试请求中打印了json

{"side":"buy","type":"market","product_id":"BTC-USD","size":0.01000000000000000020816681711721685132943093776702880859375}

EDIT !!!!!!!

由于某种原因我没有丢弃最后3位数（ms）的时间戳问题所以即时通过，但现在我正在

{＆＃34; message＆＃34;：＆＃34;请求时间戳已过期＆＃34;}

Answer 1

时间戳必须是自Unix时代（1970年1月1日）以来的秒数。

您可以包含微秒，但您必须有一段时间（即123.456）。

您收到的消息错误是因为服务器和GDAX服务器之间的时间差不多。很可能你没有为ms关闭的时间段约为×1000 ......

Gdax api在POST请求中返回无效签名

1 个答案: