protected override async Task ProcessRequestAsync(HttpWebRequest request, Dictionary <string, object> payload) { var timestamp = TimeHelper.GetTotalMilliseconds().ToString(); payload?.Remove("method"); payload?.Remove("nonce"); string msg = CryptoUtility.GetFormForPayload(payload, false); msg = string.Join("&", new SortedSet <string>(msg.Split('&'), StringComparer.Ordinal)); //var msg = payload?.Count > 0 ? string.Join("&", new SortedSet<string>(payload.Select(a => $"{a.Key}={a.Value}").ToList())) : ""; string signStr = (request.Method == "GET") ? $"{request.Method}{request.Address}{timestamp}" : $"{request.Method}{request.Address.AbsoluteUri}{timestamp}{msg}"; Debug.WriteLine(signStr); var sig = CryptoUtility.SHA1SignBase64(signStr, PrivateApiKey.ToBytes()); request.Headers = new WebHeaderCollection() { { "FC-ACCESS-KEY", PublicApiKey.ToUnsecureString() }, { "FC-ACCESS-SIGNATURE", sig }, { "FC-ACCESS-TIMESTAMP", timestamp } }; if (request.Method == "POST") { request.ContentType = "application/json"; msg = CryptoUtility.GetJsonForPayload(payload); await CryptoUtility.WriteToRequestAsync(request, msg); } else { request.ContentType = "application/x-www-form-urlencoded;charset=utf-8"; } }
protected override Uri ProcessRequestUrl(UriBuilder url, Dictionary <string, object> payload, string method) { if (CanMakeAuthenticatedRequest(payload)) { // must sort case sensitive var dict = new SortedDictionary <string, object>(StringComparer.Ordinal) { ["Timestamp"] = CryptoUtility.UnixTimeStampToDateTimeMilliseconds(payload["nonce"].ConvertInvariant <long>()).ToString("s"), ["AccessKeyId"] = PublicApiKey.ToUnsecureString(), ["SignatureMethod"] = "HmacSHA256", ["SignatureVersion"] = "2" }; if (method == "GET") { foreach (var kv in payload) { dict.Add(kv.Key, kv.Value); } } string msg = CryptoUtility.GetFormForPayload(dict, false, false, false); string toSign = $"{method}\n{url.Host}\n{url.Path}\n{msg}"; // calculate signature var sign = CryptoUtility.SHA256SignBase64(toSign, PrivateApiKey.ToUnsecureBytesUTF8()).UrlEncode(); // append signature to end of message msg += $"&Signature={sign}"; url.Query = msg; } return(url.Uri); }
protected override async Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { var timeStamp = Math.Round(DateTime.UtcNow.UnixTimestampFromDateTimeMilliseconds()); var message = string.Empty; payload.Remove("nonce"); if (request.Method != "GET" && request.Method != "DELETE") { if (payload.Count > 0) { message = JsonConvert.SerializeObject(payload); } } byte[] sourceBytes = Encoding.UTF8.GetBytes(message); byte[] hashBytes = SHA512.Create().ComputeHash(sourceBytes); string hash = ByteToString(hashBytes).Replace("-", string.Empty); string url = request.RequestUri.ToStringInvariant(); string sign = timeStamp + url + request.Method + hash; request.AddHeader("Api-Key", PublicApiKey.ToUnsecureString()); request.AddHeader("Api-Timestamp", timeStamp.ToStringInvariant()); request.AddHeader("Api-Content-Hash", hash); request.AddHeader("Api-Signature", CryptoUtility.SHA512Sign(sign, PrivateApiKey.ToUnsecureString())); if (request.Method == "POST") { await CryptoUtility.WriteToRequestAsync(request, JsonConvert.SerializeObject(payload)); } } //Console.WriteLine(request.RequestUri); //return base.ProcessRequestAsync(request, payload); }
protected override async Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { if (payload.TryGetValue("body", out var body)) { payload.Remove("body"); } var nonce = payload["nonce"].ToString(); payload.Remove("nonce"); var json = JsonConvert.SerializeObject(body ?? payload); if (json == "{}") { json = ""; } var passphrase = Passphrase?.ToUnsecureString(); if (string.IsNullOrEmpty(passphrase)) { passphrase = PrivateApiKey?.ToUnsecureString(); } var hexSha384 = CryptoUtility.SHA384Sign( $"{request.RequestUri.AbsolutePath.Replace("/spot", string.Empty)}{nonce}{json}", passphrase); request.AddHeader("btse-sign", hexSha384); request.AddHeader("btse-nonce", nonce); request.AddHeader("btse-api", PublicApiKey.ToUnsecureString()); await request.WriteToRequestAsync(json); } await base.ProcessRequestAsync(request, payload); }
protected override async Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { request.AddHeader("content-type", "application/json"); var sigContent = new signatureContent { httpMethod = request.Method, path = request.RequestUri.LocalPath, nonce = payload["nonce"].ToStringInvariant() }; string json = JsonConvert.SerializeObject(sigContent); string bodyRequest = JsonConvert.SerializeObject(payload); string hexSha384 = CryptoUtility.SHA384Sign(json, PrivateApiKey.ToUnsecureString()); request.AddHeader("x-api-key", PublicApiKey.ToUnsecureString()); request.AddHeader("x-signature", hexSha384); request.AddHeader("x-nonce", payload["nonce"].ToStringInvariant() ); if (request.Method == "GET") { await CryptoUtility.WriteToRequestAsync(request, null); } else { await CryptoUtility.WriteToRequestAsync(request, bodyRequest); } } }
protected override void ProcessRequest(HttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { request.Method = "POST"; request.ContentType = request.Accept = "application/json"; if (request.RequestUri.AbsolutePath.StartsWith("/v2")) { string nonce = payload["nonce"].ToString(); payload.Remove("nonce"); string json = JsonConvert.SerializeObject(payload); string toSign = "/api" + request.RequestUri.PathAndQuery + nonce + json; string hexSha384 = CryptoUtility.SHA384Sign(toSign, PrivateApiKey.ToUnsecureString()); request.Headers["bfx-nonce"] = nonce; request.Headers["bfx-apikey"] = PublicApiKey.ToUnsecureString(); request.Headers["bfx-signature"] = hexSha384; WriteFormToRequest(request, json); } else { // bitfinex v1 doesn't put the payload in the post body it puts it in as a http header, so no need to write to request stream payload.Add("request", request.RequestUri.AbsolutePath); string json = JsonConvert.SerializeObject(payload); string json64 = System.Convert.ToBase64String(Encoding.ASCII.GetBytes(json)); string hexSha384 = CryptoUtility.SHA384Sign(json64, PrivateApiKey.ToUnsecureString()); request.Headers["X-BFX-PAYLOAD"] = json64; request.Headers["X-BFX-SIGNATURE"] = hexSha384; request.Headers["X-BFX-APIKEY"] = PublicApiKey.ToUnsecureString(); } } }
protected override Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { payload.Remove("nonce"); //var bodyPayload = payload.Where(_ => _.Key.StartsWith("body.")).ToDictionary(_ => _.Key.Substring(5),_=>_.Value); //var headerPayload = payload.Where(_ => !_.Key.StartsWith("body.")).ToDictionary(_ => _.Key, _ => _.Value); //foreach (var item in headerPayload) //{ // request.AddHeader(item.Key, item.Value.ToString()); //} //if (request.Method == "POST" && bodyPayload.Count()>0) if (request.Method == "POST") { //var query = CryptoUtility.GetFormForPayload(bodyPayload); payload["key"] = PublicApiKey.ToUnsecureString(); payload["timestamp"] = (Int64)DateTime.UtcNow.UnixTimestampFromDateTimeMilliseconds(); var msg = string.Join("&", payload.Where(_ => !string.IsNullOrEmpty(payload[_.Key].ToString())) .OrderBy(_ => _.Key) .Select(_ => string.Format("{0}={1}", _.Key.UrlEncode(), _.Value.ToStringInvariant().UrlEncode())) ); payload["sign"] = CryptoUtility.SHA256Sign(msg, PrivateApiKey.ToUnsecureString()); var form = request.WritePayloadJsonToRequestAsync(payload).Result; } } return(base.ProcessRequestAsync(request, payload)); }
protected override async Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { request.AddHeader("KC-API-KEY", PublicApiKey.ToUnsecureString()); request.AddHeader("KC-API-TIMESTAMP", payload["nonce"].ToStringInvariant()); request.AddHeader("KC-API-PASSPHRASE", CryptoUtility.SHA256Sign(Passphrase.ToUnsecureString(), PrivateApiKey.ToUnsecureString(), true)); var endpoint = request.RequestUri.PathAndQuery; //For Gets, Deletes, no need to add the parameters in JSON format var message = ""; var sig = ""; if (request.Method == "GET" || request.Method == "DELETE") { //Request will be a querystring message = string.Format("{0}{1}{2}", payload["nonce"], request.Method, endpoint); sig = CryptoUtility.SHA256Sign(message, PrivateApiKey.ToUnsecureString(), true); } else if (request.Method == "POST") { message = string.Format("{0}{1}{2}{3}", payload["nonce"], request.Method, endpoint, CryptoUtility.GetJsonForPayload(payload, true)); sig = CryptoUtility.SHA256Sign(message, PrivateApiKey.ToUnsecureString(), true); } request.AddHeader("KC-API-KEY-VERSION", 2.ToStringInvariant()); request.AddHeader("KC-API-SIGN", sig); } if (request.Method == "POST") { string msg = CryptoUtility.GetJsonForPayload(payload, true); byte[] content = msg.ToBytesUTF8(); await request.WriteAllAsync(content, 0, content.Length); } }
private string GetAuthForWebSocket() { string apiKey = PublicApiKey.ToUnsecureString(); string param = "api_key=" + apiKey + "&secret_key=" + PrivateApiKey.ToUnsecureString(); string sign = CryptoUtility.MD5Sign(param); return($"{{ \"event\": \"login\", \"parameters\": {{ \"api_key\": \"{apiKey}\", \"sign\": \"{sign}\" }} }}"); }
private string GetPayloadForm(Dictionary <string, object> payload) { payload["api_key"] = PublicApiKey.ToUnsecureString(); string form = CryptoUtility.GetFormForPayload(payload, false); string sign = form + "&secret_key=" + PrivateApiKey.ToUnsecureString(); sign = CryptoUtility.MD5Sign(sign); return(form + "&sign=" + sign); }
protected override void ProcessRequest(HttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { string url = request.RequestUri.ToString(); string sign = CryptoUtility.SHA512Sign(url, PrivateApiKey.ToUnsecureString()); request.Headers["apisign"] = sign; } }
protected override async Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { string payloadForm = CryptoUtility.GetFormForPayload(payload, false); request.AddHeader("API-Key", PublicApiKey.ToUnsecureString()); request.AddHeader("Sign", CryptoUtility.SHA256Sign(payloadForm, PrivateApiKey.ToBytesUTF8()).ToUpperInvariant()); await request.WriteToRequestAsync(payloadForm); } }
protected override Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { string url = request.RequestUri.ToString(); string sign = CryptoUtility.SHA512Sign(url, PrivateApiKey.ToUnsecureString()); request.AddHeader("apisign", sign); } return(base.ProcessRequestAsync(request, payload)); }
protected override async Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { string form = CryptoUtility.GetFormForPayload(payload); request.AddHeader("Key", PublicApiKey.ToUnsecureString()); request.AddHeader("Sign", CryptoUtility.SHA512Sign(form, PrivateApiKey.ToUnsecureString())); request.Method = "POST"; await CryptoUtility.WriteToRequestAsync(request, form); } }
protected override void ProcessRequest(HttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { string form = GetFormForPayload(payload); request.Headers["Key"] = PublicApiKey.ToUnsecureString(); request.Headers["Sign"] = CryptoUtility.SHA512Sign(form, PrivateApiKey.ToUnsecureString()); request.Method = "POST"; WriteFormToRequest(request, form); } }
protected override void ProcessRequest(HttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { using (var hmacsha512 = new HMACSHA512(Encoding.UTF8.GetBytes(PrivateApiKey.ToUnsecureString()))) { hmacsha512.ComputeHash(Encoding.UTF8.GetBytes(request.RequestUri.PathAndQuery)); request.Headers["X-Signature"] = string.Concat(hmacsha512.Hash.Select(b => b.ToString("x2")).ToArray()); // minimalistic hex-encoding and lower case } } }
protected override void ProcessRequest(HttpWebRequest request, Dictionary <string, object> payload) { if (payload != null && payload.ContainsKey("nonce") && PrivateApiKey != null && PublicApiKey != null) { string form = GetFormForPayload(payload); request.Headers["Key"] = PublicApiKey.ToUnsecureString(); request.Headers["Sign"] = CryptoUtility.SHA512Sign(form, PrivateApiKey.ToUnsecureString()); request.Method = "POST"; PostFormToRequest(request, form); } }
protected override Uri ProcessRequestUrl(UriBuilder url, Dictionary <string, object> payload, string method) { if (CanMakeAuthenticatedRequest(payload)) { if (!payload.ContainsKey("method")) { return(url.Uri); } method = payload["method"].ToStringInvariant(); payload.Remove("method"); var dict = new Dictionary <string, object> { ["Timestamp"] = DateTime.UtcNow.ToString("s"), ["AccessKeyId"] = PublicApiKey.ToUnsecureString(), ["SignatureMethod"] = "HmacSHA256", ["SignatureVersion"] = "2" }; string msg = null; if (method == "GET") { dict = dict.Concat(payload).ToDictionary(x => x.Key, x => x.Value); } msg = CryptoUtility.GetFormForPayload(dict, false); // must sort case sensitive msg = string.Join("&", new SortedSet <string>(msg.Split('&'), StringComparer.Ordinal)); StringBuilder sb = new StringBuilder(); sb.Append(method).Append("\n") .Append(url.Host).Append("\n") .Append(url.Path).Append("\n") .Append(msg); var sign = CryptoUtility.SHA256SignBase64(sb.ToString(), PrivateApiKey.ToBytesUTF8()); var signUrl = sign.UrlEncode(); msg += $"&Signature={signUrl}"; /* * // Huobi rolled this back, it is no longer needed. Leaving it here in case they change their minds again. * // https://github.com/huobiapi/API_Docs_en/wiki/Signing_API_Requests * // API Authentication Change * var privateSign = GetPrivateSignatureStr(Passphrase.ToUnsecureString(), sign); * var privateSignUrl = privateSign.UrlEncode(); * msg += $"&PrivateSignature={privateSignUrl}"; */ url.Query = msg; } return(url.Uri); }
protected override async Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { // Only Private APIs are POST and need Authorization if (CanMakeAuthenticatedRequest(payload) && request.Method == "POST") { var msg = CryptoUtility.GetFormForPayload(payload); var sig = CryptoUtility.SHA512Sign(msg, PrivateApiKey.ToUnsecureString()); request.AddHeader("Key", PublicApiKey.ToUnsecureString()); request.AddHeader("Sign", sig.ToLowerInvariant()); byte[] content = msg.ToBytesUTF8(); await request.WriteAllAsync(content, 0, content.Length); } }
protected override Uri ProcessRequestUrl(UriBuilder url, Dictionary <string, object> payload, string method) { if (CanMakeAuthenticatedRequest(payload)) { /* * 基于安全考虑,除行情API 外的 API 请求都必须进行签名运算。一个合法的请求由以下几部分组成: * 方法请求地址 即访问服务器地址:api.huobi.pro,api.hadax.com或者api.dm.huobi.br.com后面跟上方法名,比如api.huobi.pro/v1/order/orders。 * API 访问密钥(AccessKeyId) 您申请的 APIKEY 中的AccessKey。 * 签名方法(SignatureMethod) 用户计算签名的基于哈希的协议,此处使用 HmacSHA256。 * 签名版本(SignatureVersion) 签名协议的版本,此处使用2。 * 时间戳(DateTime) 您发出请求的时间 (UTC 时区) (UTC 时区) (UTC 时区) 。在查询请求中包含此值有助于防止第三方截取您的请求。如:2017-05-11T16:22:06。再次强调是 (UTC 时区) 。 * 必选和可选参数 每个方法都有一组用于定义 API 调用的必需参数和可选参数。可以在每个方法的说明中查看这些参数及其含义。 请一定注意:对于GET请求,每个方法自带的参数都需要进行签名运算; 对于POST请求,每个方法自带的参数不进行签名认证,即POST请求中需要进行签名运算的只有AccessKeyId、SignatureMethod、SignatureVersion、Timestamp四个参数,其它参数放在body中。 * 签名 签名计算得出的值,用于确保签名有效和未被篡改。 */ // must sort case sensitive var dict = new SortedDictionary <string, object>(StringComparer.Ordinal) { ["DateTime"] = CryptoUtility.UnixTimeStampToDateTimeMilliseconds(payload["nonce"].ConvertInvariant <long>()) .ToString("s"), //这里的逻辑是生成一个随机数,然后把这个随机数转成正常的日期。然后转成UTC时间 带T的那种 。有点脱了裤子放屁的感觉。 ["AccessKeyId"] = PublicApiKey.ToUnsecureString(), ["SignatureMethod"] = "HmacSHA256", ["SignatureVersion"] = "2" }; if (method == "GET") //只有get需要验证参数内的内容 { foreach (var kv in payload) { dict.Add(kv.Key, kv.Value); } } string msg = dict.GetFormForPayload(false, false, false); string toSign = $"{method}\n{url.Host}\n{url.Path}\n{msg}"; // calculate signature var sign = CryptoUtility.SHA256SignBase64(toSign, PrivateApiKey.ToUnsecureBytesUTF8()).UrlEncode(); // append signature to end of message msg += $"&Signature={sign}"; url.Query = msg; } return(url.Uri); }
protected override async Task ProcessRequestAsync(HttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { payload.Remove("nonce"); payload["api_key"] = PublicApiKey.ToUnsecureString(); var msg = CryptoUtility.GetFormForPayload(payload, false); msg = string.Join("&", new SortedSet <string>(msg.Split('&'), StringComparer.Ordinal)); var sign = msg + "&secret_key=" + PrivateApiKey.ToUnsecureString(); sign = CryptoUtility.MD5Sign(sign); msg += "&sign=" + sign; await CryptoUtility.WriteToRequestAsync(request, msg); } }
protected override void ProcessRequest(HttpWebRequest request, Dictionary <string, object> payload) { if (payload != null && payload.ContainsKey("nonce") && PrivateApiKey != null && PublicApiKey != null) { payload.Add("request", request.RequestUri.AbsolutePath); string json = JsonConvert.SerializeObject(payload); string json64 = System.Convert.ToBase64String(Encoding.ASCII.GetBytes(json)); string hexSha384 = CryptoUtility.SHA384Sign(json64, PrivateApiKey.ToUnsecureString()); request.Headers["X-BFX-PAYLOAD"] = json64; request.Headers["X-BFX-SIGNATURE"] = hexSha384; request.Headers["X-BFX-APIKEY"] = PublicApiKey.ToUnsecureString(); request.Method = "POST"; // bitfinex doesn't put the payload in the post body it puts it in as a http header, so no need to write to request stream } }
private string GetSignKey(IHttpWebRequest request, string formData) { //TODO: Use csharp8 ranges var index = Array.IndexOf(request.RequestUri.Segments, "1/"); var callPath = string.Join(string.Empty, request.RequestUri.Segments.Skip(index + 1)).TrimStart('/'); var postData = $"{callPath}\0{formData}"; var privateKeyBase64 = Convert.FromBase64String(PrivateApiKey.ToUnsecureString()); byte[] hashBytes; using (var hmacSha512 = new HMACSHA512(privateKeyBase64)) { hashBytes = hmacSha512.ComputeHash(Encoding.UTF8.GetBytes(postData)); } return(Convert.ToBase64String(hashBytes)); }
protected override async Task ProcessRequestAsync(HttpWebRequest request, Dictionary <string, object> payload) { // Only Private APIs are POST and need Authorization if (CanMakeAuthenticatedRequest(payload) && request.Method == "POST") { var msg = CryptoUtility.GetFormForPayload(payload); var sig = CryptoUtility.SHA512Sign(msg, PrivateApiKey.ToUnsecureString()); request.Headers.Add("Key", PublicApiKey.ToUnsecureString()); request.Headers.Add("Sign", sig.ToLower()); using (Stream stream = await request.GetRequestStreamAsync()) { byte[] content = Encoding.UTF8.GetBytes(msg); stream.Write(content, 0, content.Length); } } }
protected override async Task ProcessRequestAsync(HttpWebRequest request, Dictionary <string, object> payload) { if (CanMakeAuthenticatedRequest(payload)) { if (string.IsNullOrWhiteSpace(CustomerId)) { throw new APIException("Customer ID is not set for Bitstamp"); } // messageToSign = nonce + customer_id + api_key string apiKey = PublicApiKey.ToUnsecureString(); string messageToSign = payload["nonce"].ToStringInvariant() + CustomerId + apiKey; string signature = CryptoUtility.SHA256Sign(messageToSign, PrivateApiKey.ToUnsecureString()).ToUpperInvariant(); payload["signature"] = signature; payload["key"] = apiKey; await CryptoUtility.WritePayloadFormToRequestAsync(request, payload); } }
protected override Uri ProcessRequestUrl(UriBuilder url, Dictionary <string, object> payload, string method) { if (CanMakeAuthenticatedRequest(payload)) { if (!payload.ContainsKey("method")) { return(url.Uri); } method = payload["method"].ToStringInvariant(); payload.Remove("method"); var dict = new Dictionary <string, object> { ["Timestamp"] = DateTime.UtcNow.ToString("s"), ["AccessKeyId"] = PublicApiKey.ToUnsecureString(), ["SignatureMethod"] = "HmacSHA256", ["SignatureVersion"] = "2" }; string msg = null; if (method == "GET") { dict = dict.Concat(payload).ToDictionary(x => x.Key, x => x.Value); } msg = CryptoUtility.GetFormForPayload(dict, false); // must sort case sensitive msg = string.Join("&", new SortedSet <string>(msg.Split('&'), StringComparer.Ordinal)); StringBuilder sb = new StringBuilder(); sb.Append(method).Append("\n") .Append(url.Host).Append("\n") .Append(url.Path).Append("\n") .Append(msg); var sig = CryptoUtility.SHA256SignBase64(sb.ToString(), PrivateApiKey.ToBytes()); msg += "&Signature=" + Uri.EscapeDataString(sig); url.Query = msg; } return(url.Uri); }
protected override async Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { // Only Private APIs are POST and need Authorization if (CanMakeAuthenticatedRequest(payload) && request.Method == "POST") { var signature = string.Empty; payload.Add("key", PublicApiKey.ToUnsecureString()); var jsonContent = payload.GetJsonForPayload(); if (!string.IsNullOrEmpty(jsonContent)) { signature = CryptoUtility.SHA512Sign(jsonContent, PrivateApiKey.ToUnsecureBytesUTF8()).ToLowerInvariant(); } request.AddHeader("Hash", signature); var content = jsonContent.ToBytesUTF8(); await request.WriteAllAsync(content, 0, content.Length); } }
protected override async Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { if (payload == null || request.Method == "GET") { return; } string secret = this.PrivateApiKey.ToUnsecureString(); payload.Add("secret_key", secret); string body = CryptoUtility.GetFormForPayload(payload); string sign = CryptoUtility.MD5Sign(body, PrivateApiKey.ToUnsecureBytesUTF8()); payload.Remove("secret_key"); payload.Add("sign", sign); body = payload.GetFormForPayload(); await CryptoUtility.WriteToRequestAsync(request, body); }
protected override async Task ProcessRequestAsync(IHttpWebRequest request, Dictionary <string, object> payload) { if (PrivateApiKey != null && PublicApiKey != null) { request.AddHeader("Authorization", CryptoUtility.BasicAuthenticationString(PublicApiKey.ToUnsecureString(), PrivateApiKey.ToUnsecureString())); } if (CanMakeAuthenticatedRequest(payload)) { request.AddHeader("apToken", authenticationDetails.Token); payload.Add("OMSId", authenticationDetails.OMSId); payload.Add("AccountId", authenticationDetails.AccountId); } if (request.Method == "POST") { await request.WritePayloadJsonToRequestAsync(payload); } }
protected override void ProcessRequest(HttpWebRequest request, Dictionary <string, object> payload) { // Only Private APIs are POST and need Authorization if (CanMakeAuthenticatedRequest(payload) && request.Method == "POST") { // Yobit usses a unique nonce. They expect the client to start at a number and increment sequentially // but we can't use ticks or unix timestamps because their max is 2147483646 // here we taking that last digits from the a timestamp for the nonce, which seems to work payload["nonce"] = DateTime.UtcNow.UnixTimestampFromDateTimeMilliseconds().ToString("F0").Substring(4); var msg = GetFormForPayload(payload); var sig = CryptoUtility.SHA512Sign(msg, PrivateApiKey.ToUnsecureString()); request.Headers.Add("Key", PublicApiKey.ToUnsecureString()); request.Headers.Add("Sign", sig.ToLower()); using (Stream stream = request.GetRequestStream()) { byte[] content = Encoding.UTF8.GetBytes(msg); stream.Write(content, 0, content.Length); stream.Flush(); stream.Close(); } } }