binance-java-api is a lightweight Java library for the Binance API, supporting synchronous and asynchronous requests, as well as event streaming using WebSockets.
MIT License
831
stars
623
forks
source link
Signature is calculated wrongly for query string containing encoded characters #297
Took me a while, but I've identified a bug in 'AuthenticationInterceptor'.
Maybe it was not needed yet, but when I was locally implementing support for sub-account APIs and some of the query string parameters were containing email address (with @ symbol) then the request was failing with 'msg':
-1022:Signature for this request is not valid
The issue is that 'AuthenticationInterceptor' is creating the SHA256 signature from original query string, for example:
email=foo@bar.com
But it needs to be calculating it from URL encoded query string, for example:
email=foo%40bar.com
Took me a while, but I've identified a bug in 'AuthenticationInterceptor'.
Maybe it was not needed yet, but when I was locally implementing support for sub-account APIs and some of the query string parameters were containing email address (with @ symbol) then the request was failing with 'msg':
-1022:Signature for this request is not validThe issue is that 'AuthenticationInterceptor' is creating the SHA256 signature from original query string, for example:
email=foo@bar.comBut it needs to be calculating it from URL encoded query string, for example:
email=foo%40bar.comPull request with fix: https://github.com/binance-exchange/binance-java-api/pull/298