我正在修改当前的 Coinbase Php Gem 以使用新的 Key+Secret API 身份验证。我认为我完全按照他们的指示行事,但我总是得到回应:"error":"ACCESS_SIGNATURE does not validate"
到目前为止,我有:
- 确认签名是小写的十六进制哈希
- 从 CB 回调确认我的访问密钥已被接受
- 从 CB 回调确认我的 nonce 有效
- 确认我的 API 密钥是正确的
https://coinbase.com/api/v1/buttons
我的测试是一个带有几个 $params的 POST 请求。它使用旧的 API 方法工作。我不确定在这种新的 API 方法下我做错了什么。
这是修改后的 Coinbase_Rpc::request 方法:
public function request($method, $url, $params)
{
if ($this->_apiKey === null) {
throw new Coinbase_ApiException("Invalid API key", 500, "An invalid API key was provided.");
}
$url = Coinbase::API_BASE . $url;
$nonce = (int)(microtime(true) * 100);
// Create query string
$queryString = http_build_query($params);
// Initialize CURL
$curl = curl_init();
$curlOpts = array();
// HTTP method
$method = strtolower($method);
if ($method == 'get') {
$curlOpts[CURLOPT_HTTPGET] = 1;
$url .= "?" . $queryString;
} else if ($method == 'post') {
$curlOpts[CURLOPT_POST] = 1;
$curlOpts[CURLOPT_POSTFIELDS] = $queryString;
} else if ($method == 'delete') {
$curlOpts[CURLOPT_CUSTOMREQUEST] = "DELETE";
$url .= "?" . $queryString;
} else if ($method == 'put') {
$curlOpts[CURLOPT_CUSTOMREQUEST] = "PUT";
$curlOpts[CURLOPT_POSTFIELDS] = $queryString;
}
// Headers
$headers = array(
'User-Agent: CoinbasePHP/v1',
'Accept: */*',
'Connection: close',
'Host: coinbase.com',
'ACCESS_KEY: ' . $this->_apiKey,
'ACCESS_NONCE: ' . $nonce,
'ACCESS_SIGNATURE: ' . hash_hmac("sha256", $nonce . $url, $this->_apiSecret)
);
// CURL options
$curlOpts[CURLOPT_URL] = $url;
$curlOpts[CURLOPT_HTTPHEADER] = $headers;
$curlOpts[CURLOPT_CAINFO] = dirname(__FILE__) . '/ca-coinbase.crt';
$curlOpts[CURLOPT_RETURNTRANSFER] = true;
// Do request
curl_setopt_array($curl, $curlOpts);
$response = $this->_requestor->doCurlRequest($curl);
// Decode response
try {
$json = json_decode($response['body']);
} catch (Exception $e) {
throw new Coinbase_ConnectionException("Invalid response body", $response['statusCode'], $response['body']);
}
if ($json === null) {
throw new Coinbase_ApiException("Invalid response body", $response['statusCode'], $response['body']);
}
if (isset($json->error)) {
throw new Coinbase_ApiException($json->error, $response['statusCode'], $response['body']);
} else if (isset($json->errors)) {
throw new Coinbase_ApiException(implode($json->errors, ', '), $response['statusCode'], $response['body']);
}
return $json;
}
有任何想法吗?
编辑:虽然上面没有修改,但它是固定的,完整的 PHP Gem 可在此处获得:https ://github.com/Luth/CoinbasePhpGem