search

BTCMarkets / API

API
119 stars 30 forks source link

Intermittent 'Authentication Failed' Errors #120

Closed Nick-Holaspa closed 6 years ago

Nick-Holaspa commented 6 years ago

Hi,

Most of the time the API works fine, however, at random times the authentication fails. For example, this morning I sent approximately 2000 requests, and then got an 'authentication failed' error on a request to '/order/detail', a request which had been successful at least 250 times during the session. In previous days I have seen it fail on '/order/create' and '/order/cancel' as well. Have you heard of other clients having a similar issue? Is anyone able to share any thoughts regarding this problem?

Thanks.

Nick.

Nick-Holaspa commented 6 years ago

Which version of Base64 encoding should we be using? I'm using this:

cppcodec/base64_default_rfc4648.hpp

However, these are also available:

cppcodec/base64_default_url_unpadded.hpp
cppcodec/base64_rfc4648.hpp
cppcodec/base64_default_rfc4648.hpp cppcodec/base64_url.hpp
cppcodec/base64_default_url.hpp cppcodec/base64_url_unpadded.hpp

justin-ngin commented 6 years ago

Hi @Nick-Holaspa ,

To answer your first post: Those three endpoints are POST endpoints, and as such authentication could fail because of improperly formatted or ordered data, either in the POST body, or in the string used for the signature. If you could provide some example requests, we could see if this is the case. Otherwise, if most of your requests to these endpoints are going through just fine, another common culprit is the timestamp. (Most of the instances you'll find mentioned on the issues page where previously working code fails for what seems like no reason are due to timestamp variances).

To answer your second post: I would have to do some experimenting to make sure that all of these codecs encode/decode private keys and signatures the same way. My guess though is if the codec you're using works for most of your requests, it most likely should be working for ALL of them, and is probably not the source of your authentication problems.

Regards, Justin

Nick-Holaspa commented 6 years ago

Ahhh that's it! I was calling 'GetTimestamp' twice, once for the header field and once for the signature, instead of calling it once and storing the result.

Thanks Justin.

justin-ngin commented 6 years ago

Happy to help! If there's nothing else, I'll be closing this issue. Feel free to reopen if you start having problems again.

Cheers Justin