protected override async Task ProcessRequestAsync(HttpWebRequest request, Dictionary <string, object> payload) { // Only Private APIs are POST and need Authorization if (CanMakeAuthenticatedRequest(payload) && request.Method == "POST") { string requestContentBase64String = string.Empty; string nonce = payload["nonce"] as string; payload.Remove("nonce"); string jsonContent = CryptoUtility.GetJsonForPayload(payload); if (!String.IsNullOrEmpty(jsonContent)) { using (MD5 md5 = MD5.Create()) { requestContentBase64String = Convert.ToBase64String(md5.ComputeHash(Encoding.UTF8.GetBytes(jsonContent))); } } else { request.ContentLength = 0; } string baseSig = string.Concat(PublicApiKey.ToUnsecureString(), request.Method, Uri.EscapeDataString(request.RequestUri.AbsoluteUri).ToLower(), nonce, requestContentBase64String); string signature = CryptoUtility.SHA256SignBase64(baseSig, Convert.FromBase64String(PrivateApiKey.ToUnsecureString())); request.Headers.Add(HttpRequestHeader.Authorization, string.Format("amx {0}:{1}:{2}", PublicApiKey.ToUnsecureString(), signature, nonce)); // Cryptopia is very picky on how the payload is passed. There might be a better way to do this, but this works... using (Stream stream = await request.GetRequestStreamAsync()) { byte[] content = Encoding.UTF8.GetBytes(jsonContent); stream.Write(content, 0, content.Length); } } }
protected override async Task ProcessRequestAsync(HttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { if (request.Method == "POST") { request.ContentType = "application/json"; payload.Remove("nonce"); var msg = CryptoUtility.GetJsonForPayload(payload); await CryptoUtility.WriteToRequestAsync(request, msg); } } }
protected override async Task ProcessRequestAsync(HttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { // gdax is funny and wants a seconds double for the nonce, weird... we convert it to double and back to string invariantly to ensure decimal dot is used and not comma string timestamp = payload["nonce"].ToStringInvariant(); payload.Remove("nonce"); string form = CryptoUtility.GetJsonForPayload(payload); byte[] secret = CryptoUtility.ToBytesBase64Decode(PrivateApiKey); string toHash = timestamp + request.Method.ToUpper() + request.RequestUri.PathAndQuery + form; string signatureBase64String = CryptoUtility.SHA256SignBase64(toHash, secret); secret = null; toHash = null; request.Headers["CB-ACCESS-KEY"] = PublicApiKey.ToUnsecureString(); request.Headers["CB-ACCESS-SIGN"] = signatureBase64String; request.Headers["CB-ACCESS-TIMESTAMP"] = timestamp; request.Headers["CB-ACCESS-PASSPHRASE"] = CryptoUtility.ToUnsecureString(Passphrase); await CryptoUtility.WriteToRequestAsync(request, form); } }
protected override async Task ProcessRequestAsync(HttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { payload.Remove("nonce"); string body = CryptoUtility.GetJsonForPayload(payload); string timestamp = ((int)DateTime.UtcNow.UnixTimestampFromDateTimeSeconds()).ToStringInvariant(); string msg = timestamp + request.Method + request.RequestUri.PathAndQuery + (request.Method.Equals("POST") ? body : string.Empty); string sign = CryptoUtility.SHA256SignBase64(msg, CryptoUtility.ToBytesBase64Decode(PrivateApiKey)); request.Headers["AC-ACCESS-KEY"] = CryptoUtility.ToUnsecureString(PublicApiKey); request.Headers["AC-ACCESS-SIGN"] = sign; request.Headers["AC-ACCESS-TIMESTAMP"] = timestamp; request.Headers["AC-ACCESS-PASSPHRASE"] = CryptoUtility.ToUnsecureString(Passphrase); if (request.Method == "POST") { await CryptoUtility.WriteToRequestAsync(request, body); } } }