search

ccxt / ccxt

A JavaScript / TypeScript / Python / C# / PHP cryptocurrency trading API with support for more than 100 bitcoin/altcoin exchanges
https://docs.ccxt.com
MIT License
33.38k stars 7.57k forks source link

Dose private API call not implemented to Vaultoro exchange? #1988

Closed mostar closed 6 years ago

mostar commented 6 years ago

Hello,

It's look like the POST is not enrypt with the secret.

uri = 'https://api.vaultoro.com/1/balance?nonce='+ nonce + '&apikey=' + key;

You then have to send the encrypted string along in the header.

getting:

401 Client Error: Unauthorized for url: https://api.vaultoro.com/1/balance?nonce=1519134463&apikey=key...

{ (https://api.vaultoro.com/1/balance?nonce=1519134463&apikey=key) ֲ "status": "error","data": { "message": "Authentication failed"} }

Am I missing something?

kroitor commented 6 years ago

Hi! )

Am I missing something?

Yep, you're missing the steps described here, that we need you to do to troubleshoot your instance and provide enough info for us to be able to help you ;) We need the info that you didn't provide, the language, the version of the lib, the version of the language, your source code and verbose output. Otherwise you're like: "hey, my car doesn't want to start, who wants to guess what could be wrong with it?" ) We really need more specific info from you. Can you please follow those steps literally and paste the code and verbose output here (if you will have questions after that) ?

mostar commented 6 years ago

Sorry for the misunderstanding.

My php version is 5.5.9. ccxt is up to date I "git pull" in now before running. Here is my the code to get balance from Vaultoro exchange

include $root . '/ccxt.php';
date_default_timezone_set ('UTC');
$exchange = new \ccxt\vaultoro (array (
    'apiKey' => 'J.......', 
    'secret' => 'd..........',
    'verbose' => true,
));
$exchange = new $exchange ();
var_dump ($exchange->fetch_balance());

it fail on

HP Fatal error: Uncaught exception 'ccxt\AuthenticationError' with message 'vaultoro requires apiKey' in /somedir/ccxt/php/Exchange.php:497 Stack trace:

0 /somedir/ccxt/php/vaultoro.php(196): ccxt\Exchange->check_required_credentials()

1 /somedir/ccxt/php/Exchange.php(733): ccxt\vaultoro->sign('balance', 'private', 'GET', Array, NULL, NULL)

2 /somedir/ccxt/php/Exchange.php(738): ccxt\Exchange->fetch2('balance', 'private', 'GET', Array, NULL, NULL)

3 [internal function]: ccxt\Exchange->request('balance', 'private', 'GET', Array)

4 /somedir/ccxt/php/Exchange.php(673): call_user_func(Array, 'balance', 'private', 'GET', Array)

5 [internal function]: ccxt\Exchange->ccxt{closure}()

6 /somedir/ccxt/php/Exchange.php(1537): call_user_func_array(Object(Closure), Array)

7 /somedir/ccxt/php/vaultoro.php(82): ccxt\Exchange->__call('privateGetBalan...', Array)

8 /somedir/ccxt/php/vaultoro.php(82): ccxt\vaultoro->privateGetBalance()

9 /home/ramia/viewpriv/tradeapi/exchanges/ccxt-lib/php/bug2show.php(11): ccxt\v in /somedir/ccxt/php/Exchange.php on line 497

According to Vaultoro support the error "Authentication failed" indicate:

It's look like the POST is not enrypt with the secret. uri = 'https://api.vaultoro.com/1/balance?nonce='+ nonce + '&apikey=' + key; You then have to send the encrypted string along in the header.

mkutny commented 6 years ago

Hi, @mostar , thanks for the report!

You know, I see from the code that the encrypted string is set in the header: https://github.com/ccxt/ccxt/blob/76fda1a35ac91d9bc03c43bcaed09b58578aefb3/js/vaultoro.js#L204-L207

You can also check it the other way if you run this command line swiss knife in the verbose mode:

> php examples/php/cli.php vaultoro fetchBalance --verbose

fetch:
 vaultoro GET https://api.vaultoro.com/1/balance?nonce=1519296612&apikey=7omZ3XSd74T87JSCsTyKTtD5ppRBarQL 
Request:
 { 'Content-Type': 'application/json',
  'X-Signature': 'afb7b41801e87ed6c6592f2c9ae8db4eeadfb7e0d70478f51a6e7351da5488ac' }

So we expect it to work but indeed, I can confirm that they return 401 Unauthorized:

handleRestResponse:
 vaultoro GET https://api.vaultoro.com/1/balance?nonce=1519296612&apikey=7omZ3XSd74T87JSCsTyKTtD5ppRBarQL 401 Unauthorized 
Response:
 { Server: 'nginx',
  Date: 'Thu, 22 Feb 2018 10:50:13 GMT',
  'Content-Type': 'application/json',
  'Transfer-Encoding': 'chunked',
  Connection: 'close',
  'Cache-Control': 'no-store',
  Pragma: 'no-cache',
  'Access-Control-Allow-Origin': '*',
  'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept',
  Vary: 'Accept-Encoding',
  'Content-Encoding': 'gzip' } 
 {
  "status": "error",
  "data": {
    "message": "Authentication failed"
  }
}

Most probably they changed either the name of the header or signature method. Would you be willing to troubleshoot and submit a PR, if possible?

kroitor commented 6 years ago

@mkutny you're using my public key, which was screwed long ago by some newb user who tried to use my key with some micro-giga-seconds-nonce or something, so the nonce is screwed on that key, therefore Unauthorized...

I've created a new key, and it works:

mbp:ccxt igorkroitor$ node examples/js/cli vaultoro fetchBalance
vaultoro.fetchBalance ()
{  info: [ { currency_code: "btc", cash: 0, reserved: 0 },
           { currency_code: "gld", cash: 0, reserved: 0 }  ],
    BTC: { free: 0, used: 0, total: 0 },
    GLD: { free: 0, used: 0, total: 0 },
   free: { BTC: 0, GLD: 0 },
   used: { BTC: 0, GLD: 0 },
  total: { BTC: 0, GLD: 0 }                                   }
mbp:ccxt igorkroitor$ node examples/js/cli vaultoro fetchBalance --verbose
vaultoro.fetchBalance ()
fetch:
 vaultoro GET https://api.vaultoro.com/markets
Request:
 {}
 undefined

handleRestResponse:
 vaultoro GET https://api.vaultoro.com/markets 200 OK
Response:
 { Server: 'nginx',
  Date: 'Thu, 22 Feb 2018 20:26:14 GMT',
  'Content-Type': 'application/json',
  'Transfer-Encoding': 'chunked',
  Connection: 'close',
  'Cache-Control': 'no-store',
  Pragma: 'no-cache',
  'Access-Control-Allow-Origin': '*',
  'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept',
  Vary: 'Accept-Encoding',
  'Content-Encoding': 'gzip',
  'Strict-Transport-Security': 'max-age=31536000' }
 {
  "status": "success",
  "data": {
    "MarketCurrency": "GLD",
    "BaseCurrency": "BTC",
    "MarketCurrencyLong": "Gold",
    "BaseCurrencyLong": "Bitcoin",
    "MinTradeSize": 1e-8,
    "MarketName": "BTC-GLD",
    "IsActive": true,
    "MinUnitQty": 0.0002,
    "MinPrice": 0.000002,
    "LastPrice": "0.00433800",
    "24hLow": "0.00390000",
    "24hHigh": "0.00433800",
    "24hVolume": "3081.023"
  }
}

fetch:
 vaultoro GET https://api.vaultoro.com/1/balance?nonce=1519331174&apikey=CEwxqNb3GzixcrhzrPkn47JkdsDpff6z
Request:
 { 'Content-Type': 'application/json',
  'X-Signature': '696dd15e8662152398d2d253dd99acd00f03a71bf685112fa9d27a42f684feaa' }
 undefined

handleRestResponse:
 vaultoro GET https://api.vaultoro.com/1/balance?nonce=1519331174&apikey=CEwxqNb3GzixcrhzrPkn47JkdsDpff6z 200 OK
Response:
 { Server: 'nginx',
  Date: 'Thu, 22 Feb 2018 20:26:14 GMT',
  'Content-Type': 'application/json',
  'Transfer-Encoding': 'chunked',
  Connection: 'close',
  'Cache-Control': 'no-store',
  Pragma: 'no-cache',
  'Access-Control-Allow-Origin': '*',
  'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept',
  Vary: 'Accept-Encoding',
  'Content-Encoding': 'gzip',
  'Strict-Transport-Security': 'max-age=31536000' }
 {
  "status": "success",
  "data": [
    {
      "currency_code": "btc",
      "cash": 0,
      "reserved": 0
    },
    {
      "currency_code": "gld",
      "cash": 0,
      "reserved": 0
    }
  ]
}

{  info: [ { currency_code: "btc", cash: 0, reserved: 0 },
           { currency_code: "gld", cash: 0, reserved: 0 }  ],
    BTC: { free: 0, used: 0, total: 0 },
    GLD: { free: 0, used: 0, total: 0 },
   free: { BTC: 0, GLD: 0 },
   used: { BTC: 0, GLD: 0 },
  total: { BTC: 0, GLD: 0 }                                   }
mbp:ccxt igorkroitor$

@mostar ↓ that snippet should work normally, if your system clock is in synch.

https://github.com/ccxt/ccxt/blob/master/examples/php/vaultoro-fetch-balance.php

<?php

$root = dirname (dirname (dirname (__FILE__)));

include $root . '/ccxt.php';

date_default_timezone_set ('UTC');

$exchange = new \ccxt\vaultoro (array (
    // 'verbose' => true, // for debugging
    // 'timeout' => 30000,
    "apiKey" => "CEwxqNb3GzixcrhzrPkn47JkdsDpff6z",
    "secret" => "ZXRBWURDN3NSVFNJSmFIRHlOWUVfd1d6UjZwSFdiTGI=",
));

try {

    $result = $exchange->fetch_balance ();

    print_r ($result);

} catch (\ccxt\NetworkError $e) {
    echo '[Network Error] ' . $e->getMessage () . "\n";
} catch (\ccxt\ExchangeError $e) {
    echo '[Exchange Error] ' . $e->getMessage () . "\n";
} catch (Exception $e) {
    echo '[Error] ' . $e->getMessage () . "\n";
}

?>

Most common pitfall: you double-click the secret when copying it, and it fails to select the trailing equals-sign (=) at the end of the secret... Make sure your credentials are correct.

Notes on troubleshooting: https://github.com/ccxt/ccxt/wiki/Manual#troubleshooting

Let us know if it doesn't help.

mostar commented 6 years ago

Thank you it working.