Exemplo n.º 1
0
        protected override async Task ProcessRequestAsync(HttpWebRequest request, Dictionary <string, object> payload)
        {
            // Only Private APIs are POST and need Authorization
            if (CanMakeAuthenticatedRequest(payload) && request.Method == "POST")
            {
                string requestContentBase64String = string.Empty;
                string nonce = payload["nonce"] as string;
                payload.Remove("nonce");

                string jsonContent = CryptoUtility.GetJsonForPayload(payload);
                if (!String.IsNullOrEmpty(jsonContent))
                {
                    using (MD5 md5 = MD5.Create())
                    {
                        requestContentBase64String = Convert.ToBase64String(md5.ComputeHash(Encoding.UTF8.GetBytes(jsonContent)));
                    }
                }
                else
                {
                    request.ContentLength = 0;
                }

                string baseSig   = string.Concat(PublicApiKey.ToUnsecureString(), request.Method, Uri.EscapeDataString(request.RequestUri.AbsoluteUri).ToLower(), nonce, requestContentBase64String);
                string signature = CryptoUtility.SHA256SignBase64(baseSig, Convert.FromBase64String(PrivateApiKey.ToUnsecureString()));
                request.Headers.Add(HttpRequestHeader.Authorization, string.Format("amx {0}:{1}:{2}", PublicApiKey.ToUnsecureString(), signature, nonce));

                // Cryptopia is very picky on how the payload is passed. There might be a better way to do this, but this works...
                using (Stream stream = await request.GetRequestStreamAsync())
                {
                    byte[] content = Encoding.UTF8.GetBytes(jsonContent);
                    stream.Write(content, 0, content.Length);
                }
            }
        }
Exemplo n.º 2
0
        protected override Uri ProcessRequestUrl(UriBuilder url, Dictionary <string, object> payload, string method)
        {
            if (CanMakeAuthenticatedRequest(payload))
            {
                if (!payload.ContainsKey("method"))
                {
                    return(url.Uri);
                }
                method = payload["method"].ToStringInvariant();
                payload.Remove("method");

                var dict = new Dictionary <string, object>
                {
                    ["Timestamp"]        = DateTime.UtcNow.ToString("s"),
                    ["AccessKeyId"]      = PublicApiKey.ToUnsecureString(),
                    ["SignatureMethod"]  = "HmacSHA256",
                    ["SignatureVersion"] = "2"
                };

                string msg = null;
                if (method == "GET")
                {
                    dict = dict.Concat(payload).ToDictionary(x => x.Key, x => x.Value);
                }

                msg = CryptoUtility.GetFormForPayload(dict, false);

                // must sort case sensitive
                msg = string.Join("&", new SortedSet <string>(msg.Split('&'), StringComparer.Ordinal));

                StringBuilder sb = new StringBuilder();
                sb.Append(method).Append("\n")
                .Append(url.Host).Append("\n")
                .Append(url.Path).Append("\n")
                .Append(msg);

                var sig = CryptoUtility.SHA256SignBase64(sb.ToString(), PrivateApiKey.ToBytes());
                msg += "&Signature=" + Uri.EscapeDataString(sig);

                url.Query = msg;
            }
            return(url.Uri);
        }
 protected override async Task ProcessRequestAsync(HttpWebRequest request, Dictionary <string, object> payload)
 {
     if (CanMakeAuthenticatedRequest(payload))
     {
         // gdax is funny and wants a seconds double for the nonce, weird... we convert it to double and back to string invariantly to ensure decimal dot is used and not comma
         string timestamp = payload["nonce"].ToStringInvariant();
         payload.Remove("nonce");
         string form   = CryptoUtility.GetJsonForPayload(payload);
         byte[] secret = CryptoUtility.ToBytesBase64Decode(PrivateApiKey);
         string toHash = timestamp + request.Method.ToUpper() + request.RequestUri.PathAndQuery + form;
         string signatureBase64String = CryptoUtility.SHA256SignBase64(toHash, secret);
         secret = null;
         toHash = null;
         request.Headers["CB-ACCESS-KEY"]        = PublicApiKey.ToUnsecureString();
         request.Headers["CB-ACCESS-SIGN"]       = signatureBase64String;
         request.Headers["CB-ACCESS-TIMESTAMP"]  = timestamp;
         request.Headers["CB-ACCESS-PASSPHRASE"] = CryptoUtility.ToUnsecureString(Passphrase);
         await CryptoUtility.WriteToRequestAsync(request, form);
     }
 }
Exemplo n.º 4
0
        protected override async Task ProcessRequestAsync(HttpWebRequest request, Dictionary <string, object> payload)
        {
            if (CanMakeAuthenticatedRequest(payload))
            {
                payload.Remove("nonce");
                string body      = CryptoUtility.GetJsonForPayload(payload);
                string timestamp = ((int)DateTime.UtcNow.UnixTimestampFromDateTimeSeconds()).ToStringInvariant();
                string msg       = timestamp + request.Method + request.RequestUri.PathAndQuery + (request.Method.Equals("POST") ? body : string.Empty);
                string sign      = CryptoUtility.SHA256SignBase64(msg, CryptoUtility.ToBytesBase64Decode(PrivateApiKey));

                request.Headers["AC-ACCESS-KEY"]        = CryptoUtility.ToUnsecureString(PublicApiKey);
                request.Headers["AC-ACCESS-SIGN"]       = sign;
                request.Headers["AC-ACCESS-TIMESTAMP"]  = timestamp;
                request.Headers["AC-ACCESS-PASSPHRASE"] = CryptoUtility.ToUnsecureString(Passphrase);

                if (request.Method == "POST")
                {
                    await CryptoUtility.WriteToRequestAsync(request, body);
                }
            }
        }