search

irufus / gdax-java

Java based wrapper for Coinbase Pro (Formerly known as GDAX API and Coinbase Exchange API)
MIT License
177 stars 131 forks source link

SEVERE: CancelAllOrders worked even with a VIEW ONLY API key #44

Closed code-with-coffee closed 6 years ago

code-with-coffee commented 6 years ago

Hi,

I downloaded the code, and was running the junit tests locally and encountered an issue with the cancelAllOrders test method. Even though the method failed with the below exception, it still canceled all my existing orders.

At this moment, I only have a View Only API Key. I don't have any API Keys with Trade permissions.

I didnt try running the createOrder test methods for fear of it creating market orders, even with the VIEW only API key. Do please look into this urgently.

Thanks.

Error below:

org.springframework.http.converter.HttpMessageNotReadableException: JSON parse error: Can not construct instance of com.coinbase.exchange.api.orders.Order: no String-argument constructor/factory method to deserialize from String value ('e7046f48-9c93-4250-9981-be9fd1701c58'); nested exception is com.fasterxml.jackson.databind.JsonMappingException: Can not construct instance of com.coinbase.exchange.api.orders.Order: no String-argument constructor/factory method to deserialize from String value ('e7046f48-9c93-4250-9981-be9fd1701c58') at [Source: java.io.PushbackInputStream@6fd5717c; line: 1, column: 2] (through reference chain: java.lang.Object[][0])

at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.readJavaType(AbstractJackson2HttpMessageConverter.java:244)
at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.read(AbstractJackson2HttpMessageConverter.java:229)
at org.springframework.web.client.HttpMessageConverterExtractor.extractData(HttpMessageConverterExtractor.java:96)
at org.springframework.web.client.RestTemplate$ResponseEntityResponseExtractor.extractData(RestTemplate.java:917)
at org.springframework.web.client.RestTemplate$ResponseEntityResponseExtractor.extractData(RestTemplate.java:901)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:655)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:613)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:559)
at com.coinbase.exchange.api.exchange.GdaxExchangeImpl.delete(GdaxExchangeImpl.java:98)
at com.coinbase.exchange.api.orders.OrderService.cancelAllOpenOrders(OrderService.java:53)
at com.coinbase.exchange.api.orders.OrderTests.cancelAllOrders(OrderTests.java:95)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.springframework.test.context.junit4.statements.RunBeforeTestMethodCallbacks.evaluate(RunBeforeTestMethodCallbacks.java:75)
at org.springframework.test.context.junit4.statements.RunAfterTestMethodCallbacks.evaluate(RunAfterTestMethodCallbacks.java:86)
at org.springframework.test.context.junit4.statements.SpringRepeat.evaluate(SpringRepeat.java:84)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.runChild(SpringJUnit4ClassRunner.java:252)
at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.runChild(SpringJUnit4ClassRunner.java:94)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
at org.springframework.test.context.junit4.statements.RunBeforeTestClassCallbacks.evaluate(RunBeforeTestClassCallbacks.java:61)
at org.springframework.test.context.junit4.statements.RunAfterTestClassCallbacks.evaluate(RunAfterTestClassCallbacks.java:70)
at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.run(SpringJUnit4ClassRunner.java:191)
at org.junit.runner.JUnitCore.run(JUnitCore.java:137)
at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:68)
at com.intellij.rt.execution.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:47)
at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242)
at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70)

Caused by: com.fasterxml.jackson.databind.JsonMappingException: Can not construct instance of com.coinbase.exchange.api.orders.Order: no String-argument constructor/factory method to deserialize from String value ('e7046f48-9c93-4250-9981-be9fd1701c58') at [Source: java.io.PushbackInputStream@6fd5717c; line: 1, column: 2] (through reference chain: java.lang.Object[][0]) at com.fasterxml.jackson.databind.JsonMappingException.from(JsonMappingException.java:270) at com.fasterxml.jackson.databind.DeserializationContext.instantiationException(DeserializationContext.java:1456) at com.fasterxml.jackson.databind.DeserializationContext.handleMissingInstantiator(DeserializationContext.java:1012) at com.fasterxml.jackson.databind.deser.ValueInstantiator._createFromStringFallbacks(ValueInstantiator.java:370) at com.fasterxml.jackson.databind.deser.std.StdValueInstantiator.createFromString(StdValueInstantiator.java:315) at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.deserializeFromString(BeanDeserializerBase.java:1282) at com.fasterxml.jackson.databind.deser.BeanDeserializer._deserializeOther(BeanDeserializer.java:159) at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:150) at com.fasterxml.jackson.databind.deser.std.ObjectArrayDeserializer.deserialize(ObjectArrayDeserializer.java:196) at com.fasterxml.jackson.databind.deser.std.ObjectArrayDeserializer.deserialize(ObjectArrayDeserializer.java:20) at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:3798) at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2922) at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.readJavaType(AbstractJackson2HttpMessageConverter.java:241) ... 38 more

robevansuk commented 6 years ago

thanks for the alert. I'll report it to them if I can find a way to do so. We are unaffiliated and work independently of coinbase.

robevansuk commented 6 years ago

Have reported to them via Twitter - no response. Have also found another bug in the websocket feed messages that is a little annoying. Didn't hear back from twitter but followed some links from the coinbaseapi twitter account to get to here: https://support.gdax.com/customer/portal/emails/new. So I've reported the issue there. Hopefully hear back soon enough.

robevansuk commented 6 years ago

this was reported successfully. Finally had confirmation today they will be raising an issue to look into this. hopefully hear back soon that they've fixed it.

robevansuk commented 6 years ago

there is this if you find any more : www.hackerone.com/coinbase

irufus commented 6 years ago

This has been addressed with Coinbase.