Saul Rosenberg

Reputation: 1

Trouble authenticating in Coinbase with PHP using PHP CURL

I am trying to authenticate to Coinbase using the following PHP code and I keep getting an invalid signature error message.

Given that info() is a function (I will eventually turn it into an object) that gets the API_KEY, API_SECRET, USERAGENT, and Coinbase base URL (each tested), and that get_coinbase_time() has been tested to get epoch time from Coinbase, I am experiencing no joy. My guess is the error is on the line where $sign is defined. The docs are not very clear as to how to solve this issue. Can someone assess my code and recommend changes or offer code that may work that I may learn from?

Thanks!

<?php

var_dump(get_coinbase_access('/v2/accounts'));

function get_coinbase_access($path){   
    $data = get_coinbase_time() . 'GET' . $path;
    $sign = hash_hmac("sha256", $data, info('secret'));
    $headers = array();
    $headers[] = 'CB-ACCESS-KEY: ' . info('key');
    $headers[] = 'CB-ACCESS-SIGN: ' . $sign;
    $headers[] = 'CB-ACCESS-TIMESTAMP: ' . get_coinbase_time();
    $headers[] = 'CB-VERSION: 2016-03-08';
    $headers[] = 'Content-Type: application/json';

    $ch = curl_init(info('url') . $path);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    curl_setopt($ch, CURLOPT_HTTPGET, TRUE);
    curl_setopt($ch, CURLOPT_USERAGENT, info('useragent'));
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    $response = curl_exec($ch);
    $res = json_decode($response, TRUE);
    return $res;
}
?>

Upvotes: 0

Views: 312

Answers (2)

niccol

Reputation: 137

I am not an expert (just working my way through this ...)

If you are concerned with Coinbase and not CoinbasePro then I think the section of the docs that you need says:

The CB-ACCESS-SIGN header is generated by creating a sha256 HMAC using the secret key on the prehash string timestamp + method + requestPath + body (where + represents string concatenation). The timestamp value is the same as the CB-ACCESS-TIMESTAMP header.

So, you have got things in the wrong order.

I think you might use something like this:

function signature($request_path='', $body='', $timestamp, $method='GET') {
  $w = $timestamp . $method . $request_path . $body;
  return hash_hmac("sha256", $w, API_SECRET, false);
}

Upvotes: 0

Leo V

Reputation: 1

Try this:

  $timestamp = time();
  $body = '';
  $message = $timestamp . 'GET' . $path . $body;
  // CB-ACCESS-SIGN is an HMAC-SHA256 keyed with the secret
  $sign = hash_hmac("sha256", $message, COINBASE_SECRET_KEY);
 

Upvotes: -1
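
The following is an added example, not code from any of the posts above or from Coinbase. It builds the prehash string in the order the quoted docs give and shows that the signature only verifies when the CB-ACCESS-TIMESTAMP header carries the exact timestamp that was signed. The key, secret and the cb_* function names are constructed for illustration, and cb_verify is a hypothetical receiver-side check.

```php
<?php
// Constructed key material for illustration only, not real credentials.
const EXAMPLE_KEY    = 'constructed-key-id';
const EXAMPLE_SECRET = 'constructed-secret-for-illustration';

// Prehash string: timestamp + method + requestPath + body, keyed HMAC-SHA256.
function cb_sign(string $secret, string $timestamp, string $method, string $path, string $body = ''): string
{
    return hash_hmac('sha256', $timestamp . strtoupper($method) . $path . $body, $secret);
}

// The timestamp is passed in once and reused for both the signature and the header.
function cb_headers(string $key, string $secret, string $timestamp, string $method, string $path, string $body = ''): array
{
    return [
        'CB-ACCESS-KEY: ' . $key,
        'CB-ACCESS-SIGN: ' . cb_sign($secret, $timestamp, $method, $path, $body),
        'CB-ACCESS-TIMESTAMP: ' . $timestamp,
    ];
}

// Hypothetical receiver-side check: recompute the HMAC from the header
// timestamp and compare in constant time.
function cb_verify(string $secret, array $headers, string $method, string $path, string $body = ''): bool
{
    $h = [];
    foreach ($headers as $line) {
        [$name, $value] = explode(': ', $line, 2);
        $h[$name] = $value;
    }
    $expected = cb_sign($secret, $h['CB-ACCESS-TIMESTAMP'], $method, $path, $body);
    return hash_equals($expected, $h['CB-ACCESS-SIGN']);
}

$ts = (string) time();
$headers = cb_headers(EXAMPLE_KEY, EXAMPLE_SECRET, $ts, 'GET', '/v2/accounts');
var_dump(cb_verify(EXAMPLE_SECRET, $headers, 'GET', '/v2/accounts')); // signed and sent timestamps agree

// Simulate fetching the time a second time for the header, one second later.
$headers[2] = 'CB-ACCESS-TIMESTAMP: ' . ((int) $ts + 1);
var_dump(cb_verify(EXAMPLE_SECRET, $headers, 'GET', '/v2/accounts')); // header no longer matches what was signed

// A plain SHA-256 of secret . message is a different construction from HMAC.
var_dump(hash_equals(hash('sha256', EXAMPLE_SECRET . $ts . 'GET' . '/v2/accounts'),
                     cb_sign(EXAMPLE_SECRET, $ts, 'GET', '/v2/accounts')));
```

When these headers are sent with cURL, leave CURLOPT_SSL_VERIFYPEER at its default of true so the API key and signature only go to a server whose certificate has been verified.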