search

3commas-io / 3commas-official-api-docs

Official Documentation for the 3commas APIs
https://3commas.io
241 stars 87 forks source link

Provided signature is invalid for PATCH request #110

Open walidbahgat opened 2 years ago

walidbahgat commented 2 years ago

i'm facing an issue sending API Patch request, it always send a "{"error":"signature_invalid","error_description":"Provided signature is invalid"}" error, when i try to send i GET request, it return s successfully.

but the issue happens when trying to send PATCH request with several parametes in the body using cURL "-d xxxxxx", it always send me 401 unauthorized, so i need to know do i need to put the baseURL only "/public/api/ver1/bots//update" in "Plain Text to Compute Hash" or shall i add the parameters in the body also to the "Plain Text to Compute Hash"

agustind commented 2 years ago

After dealing with this for hours I realized the URL you use to generate the signature should include all the parameters you are posting

agustind commented 2 years ago

Here's an example in PHP:

$data = [ "name" => $bot_data->name, "base_order_volume" => $bot_data->base_order_volume, "take_profit" => $bot_data->take_profit, "safety_order_volume" => $bot_data->safety_order_volume, "martingale_volume_coefficient" => $bot_data->martingale_volume_coefficient, "martingale_step_coefficient" => $bot_data->martingale_step_coefficient, "max_safety_orders" => $bot_data->max_safety_orders, "active_safety_orders_count" => $bot_data->active_safety_orders_count, "safety_order_step_percentage" => $bot_data->safety_order_step_percentage, "take_profit_type" => $bot_data->take_profit_type, "strategy_list" => '', 'pairs' => 'USDT_BTC', 'api_key' => $api_key, 'secret' => $secret, ];

$data_encoded = http_build_query($data);

$endpoint_base = '/public/api/ver1/bots/12345678/update'; $endpoint = $endpoint_base . '?' . $data_encoded;

$signature = hash_hmac('sha256', $endpoint, $secret); $url = 'https://api.3commas.io' . $endpoint_base;

$headers = array( "Content-Type: application/x-www-form-urlencoded", "Accept: application/json", "APIKEY: " . $api_key, "Signature: " . $signature, );

$curl = curl_init($url); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'PATCH'); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_HTTPHEADER, $headers); curl_setopt($curl, CURLOPT_POSTFIELDS, $data_encoded); $resp = curl_exec($curl);

amahouachi commented 2 years ago

I am stuck with the same problem.

@agustind how did you manage to send the strategy_list parameter? Because if you don't want to update it, you need to provide it as it is in the bot before updating no ? Does it get encoded properly? because it's a json array not a simple type.