C
C
ShippingEasy.com Calculate Signature for API Authentication
See more HTTP Misc Examples
Demonstrates how to calculate the shippingeasy.com API signature for authenticating requests.Chilkat C Downloads
#include <C_CkStringBuilder.h>
#include <C_CkJsonObject.h>
#include <C_CkDateTime.h>
#include <C_CkCrypt2.h>
#include <C_CkHttp.h>
#include <C_CkHttpResponse.h>
void ChilkatSample(void)
{
BOOL success;
HCkStringBuilder sbStringToSign;
const char *httpVerb;
const char *uriPath;
const char *queryParamsStr;
HCkJsonObject json;
HCkDateTime dt;
BOOL bLocalTime;
const char *unixEpochTimestamp;
const char *your_api_key;
int numReplaced;
const char *your_api_secret;
HCkCrypt2 crypt;
const char *api_signature;
HCkHttp http;
HCkJsonObject queryParams;
HCkHttpResponse resp;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
//
// First, concatenate these into a plaintext string using the following order:
//
// Capitilized method of the request. E.g. "POST"
// The URI path
// The query parameters sorted alphabetically and concatenated together into a URL friendly format: param1=ABC¶m2=XYZ
// The request body as a string if one exists
// All parts are then concatenated together with an ampersand. The result resembles something like this:
//
// "POST&/partners/api/accounts&api_key=f9a7c8ebdfd34beaf260d9b0296c7059&api_timestamp=1401803554&{ ... request body ... }"
sbStringToSign = CkStringBuilder_Create();
httpVerb = "POST";
uriPath = "/partners/api/accounts";
queryParamsStr = "api_key=YOUR_API_KEY&api_timestamp=UNIX_EPOCH_TIMESTAMP";
// Build the following JSON that will be the body of the request:
// {
// "account": {
// "first_name": "Coralie",
// "last_name": "Waelchi",
// "company_name": "Hegmann, Cremin and Bradtke",
// "email": "se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com",
// "phone_number": "1-381-014-3358",
// "address": "2476 Flo Inlet",
// "address2": "",
// "state": "SC",
// "city": "North Dennis",
// "postal_code": "29805",
// "country": "USA",
// "password": "abc123",
// "subscription_plan_code": "starter"
// }
// }
json = CkJsonObject_Create();
CkJsonObject_UpdateString(json,"account.first_name","Coralie");
CkJsonObject_UpdateString(json,"account.last_name","Waelchi");
CkJsonObject_UpdateString(json,"account.company_name","Hegmann, Cremin and Bradtke");
CkJsonObject_UpdateString(json,"account.email","se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com");
CkJsonObject_UpdateString(json,"account.phone_number","1-381-014-3358");
CkJsonObject_UpdateString(json,"account.address","2476 Flo Inlet");
CkJsonObject_UpdateString(json,"account.address2","");
CkJsonObject_UpdateString(json,"account.state","SC");
CkJsonObject_UpdateString(json,"account.city","North Dennis");
CkJsonObject_UpdateString(json,"account.postal_code","29805");
CkJsonObject_UpdateString(json,"account.country","USA");
CkJsonObject_UpdateString(json,"account.password","abc123");
CkJsonObject_UpdateString(json,"account.subscription_plan_code","starter");
CkJsonObject_putEmitCompact(json,FALSE);
printf("%s\n",CkJsonObject_emit(json));
// First, let's get the current date/time in the Unix Epoch Timestamp format (which is just an integer)
dt = CkDateTime_Create();
CkDateTime_SetFromCurrentSystemTime(dt);
// Get the UTC time.
bLocalTime = FALSE;
unixEpochTimestamp = CkDateTime_getAsUnixTimeStr(dt,bLocalTime);
// Build the string to sign:
CkStringBuilder_Append(sbStringToSign,httpVerb);
CkStringBuilder_Append(sbStringToSign,"&");
CkStringBuilder_Append(sbStringToSign,uriPath);
CkStringBuilder_Append(sbStringToSign,"&");
CkStringBuilder_Append(sbStringToSign,queryParamsStr);
CkStringBuilder_Append(sbStringToSign,"&");
// Make sure to send the JSON body of a request in compact form..
CkJsonObject_putEmitCompact(json,TRUE);
CkStringBuilder_Append(sbStringToSign,CkJsonObject_emit(json));
// Use your API key here:
your_api_key = "f9a7c8ebdfd34beaf260d9b0296c7059";
numReplaced = CkStringBuilder_Replace(sbStringToSign,"YOUR_API_KEY",your_api_key);
numReplaced = CkStringBuilder_Replace(sbStringToSign,"UNIX_EPOCH_TIMESTAMP",unixEpochTimestamp);
// Do the HMAC-SHA256 with your API secret:
your_api_secret = "ea210785fa4656af03c2e4ffcc2e7b5fc19f1fba577d137905cc97e74e1df53d";
crypt = CkCrypt2_Create();
CkCrypt2_putMacAlgorithm(crypt,"hmac");
CkCrypt2_putEncodingMode(crypt,"hexlower");
CkCrypt2_SetMacKeyString(crypt,your_api_secret);
CkCrypt2_putHashAlgorithm(crypt,"sha256");
api_signature = CkCrypt2_macStringENC(crypt,CkStringBuilder_getAsString(sbStringToSign));
printf("api_signature: %s\n",api_signature);
// --------------------------------------------------------------------
// Here's an example showing how to use the signature in a request:
// Build a new string-to-sign and create a new api_signature for the actual request we'll be sending...
CkStringBuilder_Clear(sbStringToSign);
CkStringBuilder_Append(sbStringToSign,"GET");
CkStringBuilder_Append(sbStringToSign,"&");
CkStringBuilder_Append(sbStringToSign,"/app.shippingeasy.com/api/orders");
CkStringBuilder_Append(sbStringToSign,"&");
CkStringBuilder_Append(sbStringToSign,queryParamsStr);
CkStringBuilder_Append(sbStringToSign,"&");
// There is no body for a GET request.
api_signature = CkCrypt2_macStringENC(crypt,CkStringBuilder_getAsString(sbStringToSign));
http = CkHttp_Create();
queryParams = CkJsonObject_Create();
CkJsonObject_UpdateString(queryParams,"api_signature",api_signature);
CkJsonObject_UpdateString(queryParams,"api_timestamp",unixEpochTimestamp);
CkJsonObject_UpdateString(queryParams,"api_key",your_api_key);
resp = CkHttpResponse_Create();
success = CkHttp_HttpParams(http,"GET","https://app.shippingeasy.com/api/orders",queryParams,resp);
if (success == FALSE) {
printf("%s\n",CkHttp_lastErrorText(http));
CkStringBuilder_Dispose(sbStringToSign);
CkJsonObject_Dispose(json);
CkDateTime_Dispose(dt);
CkCrypt2_Dispose(crypt);
CkHttp_Dispose(http);
CkJsonObject_Dispose(queryParams);
CkHttpResponse_Dispose(resp);
return;
}
printf("response status code = %d\n",CkHttpResponse_getStatusCode(resp));
printf("response body:\n");
printf("%s\n",CkHttpResponse_bodyStr(resp));
CkStringBuilder_Dispose(sbStringToSign);
CkJsonObject_Dispose(json);
CkDateTime_Dispose(dt);
CkCrypt2_Dispose(crypt);
CkHttp_Dispose(http);
CkJsonObject_Dispose(queryParams);
CkHttpResponse_Dispose(resp);
}