我正在尝试从 Coinbase Pro 获取简单的帐户信息,但似乎无法弄清楚 CB-ACCESS-SIGN 标头。我不断收到“无效签名”消息。
来自 Coinbase Pro API 文档:
CB-ACCESS-SIGN 标头是通过在 prehash 字符串时间戳 + 方法上使用 base64 解码的密钥创建 sha256 HMAC 生成的
- requestPath + body(其中 + 表示字符串连接)并对输出进行 base64 编码。时间戳值与 CB-ACCESS-TIMESTAMP 标头相同。
body 是请求正文字符串,如果没有请求正文,则省略(通常用于 GET 请求)。
该方法应为大写。
我的代码:
<cfscript>
accessKey = 'xxx';
passPhrase = 'yyy';
theSecret = 'zzz';
// create an epoch time stamp
theTime = now();
utcTime = dateConvert('local2UTC',theTime);
ISOtimeStamp = dateFormat(utcTime,"yyyy-mm-dd")&"T"&timeFormat(utcTime,"HH:mm:ss")&".761Z";
timeStamp = numberFormat(dateDiff("s","January 1 1970 00:00",ISOtimeStamp) + 28800.761,"_.000");
requestPath = '/accounts';
theBody = "";
method = "GET";
// create the prehash string by concatenating required parts
what = '#timeStamp#' & '#method#' & '#requestPath#' & '#theBody#';
// decode the base64 secret
theKey = binaryDecode(theSecret,"base64");
// create s sha256 hmac with the key
theHmac = hmac("#what#","#theKey#", "HMACSHA256");
// encode the result
cas = toBase64(theHmac);
</cfscript>
<cfhttp url="https://api.pro.coinbase.com/v2/accounts" method="get" result="y">
<cfhttpparam type="header" name="CB-ACCESS-KEY" value="#accessKey#" >
<cfhttpparam type="header" name="CB-ACCESS-SIGN" value="#ucase(cas)#" >
<cfhttpparam type="header" name="CB-ACCESS-TIMESTAMP" value="#timeStamp#" >
<cfhttpparam type="header" name="CB-ACCESS-PASSPHRASE" value="#passPhrase#" >
</cfhttp>