I’m trying to learn how to use APIs in XOJO, specifically Bitcoin/Altcoin exchange APIs. Bittrex.com is the exchange I use the most. They have API documentation which is given in PHP form as shown below:
$apikey='xxx';
$apisecret='xxx';
$nonce=time();
$uri='https://bittrex.com/api/v1.1/market/getopenorders?apikey='.$apikey.'&nonce='.$nonce;
$sign=hash_hmac('sha512',$uri,$apisecret);
$ch = curl_init($uri);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('apisign:'.$sign));
$execResult = curl_exec($ch);
$obj = json_decode($execResult);
So in my feeble attempt to try and get this concept working in Xojo here is my translation. Keep in mind, I’m very new to this aspect of XOJO:
dim socket as new secureHttpsocket
dim apiKey as string = "900390c9267cdcb21cff62b1ef"
dim apiSecret as string = "4fb35ab5324649a48f5db2bfa"
dim nonceDate as date
nonceDate = new date
dim nonce as string = nonceDate.SQLDateTime
dim uri as string = ("https://bittrex.com/api/v1.1/market/getopenorders?apikey=" + apiKey + "&nonce=" + nonce)
dim uriMemBlock as MemoryBlock = uri
dim sign as string = Crypto.HMAC(apiSecret, uriMemBlock, Crypto.Algorithm.SHA512)
socket.SetRequestHeader("apisign:", sign)
I have no idea what I’m doing, but I feel like I got pretty darn close. I ended up with a 400 Bad Request error though. And at that point… I felt I couldn’t go much further, so I put myself in the good graces of the geniuses here. Cheers to anyone who can help! 
one difference could be that maybe hmac on php returns result as hex string while Xojo may not do the hex part. But you see that in debugger…
Ah, one other problem sometimes is if web service wants HTTP 1.1. For that you can use our CURL Plugin, because HTTPSocket can only do HTTP 1.0.
There’s a curl plugin ? Isn’t that monkeybread… costs extra ?
Below are the two lines that I saw that would return different results.
The php code returned total seconds since epoch.
dim nonce as string = str(nonceDate.TotalSeconds)
The php code returned hex encoded data as Christian indicated.
dim sign as string = EncodeHex(Crypto.HMAC(apiSecret, uriMemBlock, Crypto.Algorithm.SHA512), false)
Please sign into your account and change your api key and secret. You should not ever post such things in public.
Those keys were partially erased for that purpose, not to mention they have no permissions. But I appreciate the thought.
What’s the false for ? Now I’m excited gotta go try this thanks a million
I would try making the hmac string with a known string in both the Xojo and php and see if you are gettng the same result. also double check what php is putting in the hmac to make sure you are putting the exact pattern into Xojo’s hmac.
Hey I tried that and got a new error! I like new errors lol
Maybe I’m getting closer. Now it says I have to set content length ?
[code]
Length Required
Length Required
HTTP Error 411. The request must be chunked or have a content length.
[/code]
Chunked transport encoding is a HTTP 1.1 featured.
Or you set Content Length which is okay for HTTP 1.0 also.
a-ha, so i do need to use curl… very interesting.
[quote=114604:@Christian Schmitz]Chunked transport encoding is a HTTP 1.1 featured.
Or you set Content Length which is okay for HTTP 1.0 also.[/quote]
so… for content length… can i set some arbitrary limit ? or ?
content length must be length of bytes of data you send with request. Exactly.
If anyone wants to help me, I tip in Bitcoin. Still can’t figure this out…
If you use SetRequestContent, the content-length header will be set for you. If however, you are not sending any data, it may be that they are expecting content-length to be set to zero. If that’s the case, you’ll have a problem because of a bug in the socket which we found recently which removes the content-length header altogether is there’s no data to be sent, even if you had set one explicitly.