I’m trying to communicate with an API of a Tradingplatform via post requests in Python. Unfortunately, this only works if the request does not have to be signed. At the beginning I just wanted to follow the example of the documentation (BingX API Documentation on GitHub) to get an account balance. The example gave me the impression that this would take half an hour, but now i’ve been at it for two days and i’m slowly starting to despair.
When I send my request I get an error message from the server that my signature is not correct:
{“code”:80014,”msg”:”signature not match”,”data”:{}}
Since i have no experience with encryption or similar things, it is very difficult for me to analyze the error. I could imagine that the error lies in the conversion to bytes, but i can’t omit this step for test purposes either. The documentation asks you to encrypt the string according to this scheme:
Signature = HmacSHA256("UuGuyEGt6ZEkpUObCYCmIfh0elYsZVh80jlYwpJuRZEw70t6vomMH7Sjmf94ztSI", "POST/api/v1/user/getBalanceapiKey=Zsm4DcrHBTewmVaElrdwA67PmivPv6VDK6JAkiECZ9QfcUnmn67qjCOgvRuZVOzU¤cy=USDT×tamp=1615272721001") Signature = Base64Encode(Signature) Signature = UrlEncode(Signature)
Which i “solved” as follows:
signature = hmac.new(api_secret.encode('utf-8'), originstring.encode('utf-8'), hashlib.sha256).digest().upper() signature = str(signature) signature = bytes(signature, 'utf-8') signature = base64.b64encode(signature) signature = urllib.parse.quote(signature)
I would be very happy if someone could explain to me what I’m doing wrong.
Thanks very much
Daniel
My full Python Code:
import requests import hmac import hashlib import time import base64 import urllib import json api_key = "tHeKeY" api_secret = "MySuPeRsEcReT" asset = "USDT" want = "getBalance" timestamp = str(int(time.time())) paramstring = (str("apiKey=") + str(api_key) + str("¤cy=") + str(asset) + str("×tamp=") + str(timestamp)) print("PARAMSTRING:") print(paramstring) print("") originstring = (str("POST/api/v1/user/") + str(want) + str(paramstring)) print("ORIGINSTRING:") print(originstring) print("") signature = hmac.new(api_secret.encode('utf-8'), originstring.encode('utf-8'), hashlib.sha256).digest().upper() signature = str(signature) signature = bytes(signature, 'utf-8') signature = base64.b64encode(signature) signature = urllib.parse.quote(signature) print("SIGNATURE:") print(signature) print("") signature = str(signature) requeststring = (str("https://api-swap-rest.bingbon.pro/api/v1/user/getBalance?") + str("apiKey=") + str(api_key) + str("¤cy=") + str(asset) + str("×tamp=") + str(timestamp) + str("&sign=") + str(signature)) print("REQUESTSTRING:") print(requeststring) print("") print("RESPONSE:") response = requests.post(requeststring) response = str(response.text) print(response) response = json.loads(response) response_code = (response["code"]) response_message = (response["msg"]) response_data = (response["data"]) print(response_code) print(response_message) print(response_data)
Advertisement
Answer
Infinite monkeys with infinite typewriters, with enough time you can experiment.
I have no idea why, but when I do it this way it works:
signature = (base64.b64encode( hmac.new(bytes(api_secret, 'utf-8'), bytes(originstring, 'utf-8'),digestmod=hashlib.sha256).digest()).decode("utf-8"))
But anyway, if someone can tell me where my problem was, it would be great. Because for me both solutions look somehow the same.