带有R的GDAX :无效签名

Question

我拼命想让GDAX与R一起工作，但我总是得到消息“无效”签名。

当我使用不需要签名的公共API时，我可以毫无问题地使用APi。

这是我的密码

library(httr)
library(jsonlite)
library(digest)
library(RCurl)

api.key <- "My API Key"
secret <- "MY API secret"
passphrase <- "my passphrase"

url <- "https://api.gdax.com"

timestamp <- format(as.numeric(Sys.time()), digits=13)
method <- "GET"
requestPath <- paste0(url,"/accounts")

dec.key <- base64Decode(secret , mode = "raw")

message <- paste0(timestamp,toupper(method),requestPath)

signature <- base64Encode( hmac(key = dec.key, object = message, algo = 
"sha256" , raw=T))

content( GET(requestPath,
         add_headers(
           "CB-ACCESS-KEY" = api.key, 
           "CB-ACCESS-SIGN" = signature,
           "CB-ACCESS-TIMESTAMP" = timestamp,
           "CB-ACCESS-PASSPHRASE" = passphrase,
           "Content-Type"="application/json")) )

这里描述了如何构建签名(来自GDAX)

​

​

有人知道我做错了什么吗？有人能帮忙吗？谢谢

下面，我还发布了vebose()输出。因为这可能会有帮助。

-> GET /accounts HTTP/1.1
-> Host: api.gdax.com
-> User-Agent: libcurl/7.56.0 r-curl/3.0 httr/1.3.1
-> Accept-Encoding: gzip, deflate
-> Cookie: __cfduid=d924b4a32e77ec4527316deee73e313da1512985465
-> Accept: application/json, text/xml, application/xml, */*
-> CB-ACCESS-KEY: "My API Key"
-> CB-ACCESS-SIGN: "generated signature"
-> CB-ACCESS-TIMESTAMP: 1512985492.905
-> CB-ACCESS-PASSPHRASE: "my passphrase"
-> Content-Type: application/json
-> 
<- HTTP/1.1 400 Bad Request
<- Date: Mon, 11 Dec 2017 09:44:54 GMT
<- Content-Type: application/json; charset=utf-8
<- Content-Length: 31
<- Connection: keep-alive
<- Access-Control-Allow-Headers: Content-Type, Accept, cb-session, cb-fp
<- Access-Control-Allow-Methods: GET,POST,DELETE,PUT
<- Access-Control-Allow-Origin: *
<- Access-Control-Expose-Headers: cb-before, cb-after
<- Access-Control-Max-Age: 7200
<- ETag: W/"1f-4RjKVp8I05+xcnQ5/G16yRoMSKU"
<- Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
<- X-Content-Type-Options: nosniff
<- Server: cloudflare-nginx
<- CF-RAY: 3cb782099f053eb0-ZRH
<- 
<<  {"message":"invalid signature"}

*  Connection #12 to host api.gdax.com left intact

我还使用了不同的API密钥/签名/密码(这意味着我删除了API密钥并生成了一个新的API密钥)。再试一次)

任何帮助都是非常感谢的。

Answer 1

您必须使用requestPath将消息编码为GDAX描述中的路径。在这种情况下：

requestPath <- "/accounts"
fullPath <- paste0(url, requestPath)

请记住使用完整路径作为API的URL端点。

content(GET(fullPath,
     add_headers(
       "CB-ACCESS-KEY" = api.key, 
       "CB-ACCESS-SIGN" = signature,
       "CB-ACCESS-TIMESTAMP" = timestamp,
       "CB-ACCESS-PASSPHRASE" = passphrase,
       "Content-Type"="application/json")))