(Java) ShippingEasy.com Calculate Signature for API Authentication

Demonstrates how to calculate the shippingeasy.com API signature for authenticating requests.

Chilkat Java Downloads Java Libs for Windows, MacOS, Linux, Alpine Linux, Solaris Java Libs for Android

import com.chilkatsoft.*;

public class ChilkatExample {

  static {
    try {
        System.loadLibrary("chilkat");
    } catch (UnsatisfiedLinkError e) {
      System.err.println("Native code library failed to load.\n" + e);
      System.exit(1);
    }
  }

  public static void main(String argv[])
  {
    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // 
    // First, concatenate these into a plaintext string using the following order:
    // 
    //     Capitilized method of the request. E.g. "POST"
    //     The URI path
    //     The query parameters sorted alphabetically and concatenated together into a URL friendly format: param1=ABC&param2=XYZ
    //     The request body as a string if one exists
    //     All parts are then concatenated together with an ampersand. The result resembles something like this:
    // 
    // "POST&/partners/api/accounts&api_key=f9a7c8ebdfd34beaf260d9b0296c7059&api_timestamp=1401803554&{ ... request body ... }"

    boolean success;
    CkStringBuilder sbStringToSign = new CkStringBuilder();

    String httpVerb = "POST";
    String uriPath = "/partners/api/accounts";
    String queryParamsStr = "api_key=YOUR_API_KEY&api_timestamp=UNIX_EPOCH_TIMESTAMP";

    // Build the following JSON that will be the body of the request:

    // {
    //   "account": {
    //     "first_name": "Coralie",
    //     "last_name": "Waelchi",
    //     "company_name": "Hegmann, Cremin and Bradtke",
    //     "email": "se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com",
    //     "phone_number": "1-381-014-3358",
    //     "address": "2476 Flo Inlet",
    //     "address2": "",
    //     "state": "SC",
    //     "city": "North Dennis",
    //     "postal_code": "29805",
    //     "country": "USA",
    //     "password": "abc123",
    //     "subscription_plan_code": "starter"
    //   }
    // }

    CkJsonObject json = new CkJsonObject();
    json.UpdateString("account.first_name","Coralie");
    json.UpdateString("account.last_name","Waelchi");
    json.UpdateString("account.company_name","Hegmann, Cremin and Bradtke");
    json.UpdateString("account.email","se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com");
    json.UpdateString("account.phone_number","1-381-014-3358");
    json.UpdateString("account.address","2476 Flo Inlet");
    json.UpdateString("account.address2","");
    json.UpdateString("account.state","SC");
    json.UpdateString("account.city","North Dennis");
    json.UpdateString("account.postal_code","29805");
    json.UpdateString("account.country","USA");
    json.UpdateString("account.password","abc123");
    json.UpdateString("account.subscription_plan_code","starter");

    json.put_EmitCompact(false);
    System.out.println(json.emit());

    // First, let's get the current date/time in the Unix Epoch Timestamp format (which is just an integer)
    CkDateTime dt = new CkDateTime();
    dt.SetFromCurrentSystemTime();
    // Get the UTC time.
    boolean bLocalTime = false;
    String unixEpochTimestamp = dt.getAsUnixTimeStr(bLocalTime);

    // Build the string to sign:
    sbStringToSign.Append(httpVerb);
    sbStringToSign.Append("&");
    sbStringToSign.Append(uriPath);
    sbStringToSign.Append("&");
    sbStringToSign.Append(queryParamsStr);
    sbStringToSign.Append("&");
    // Make sure to send the JSON body of a request in compact form..
    json.put_EmitCompact(true);
    sbStringToSign.Append(json.emit());

    // Use your API key here:
    String your_api_key = "f9a7c8ebdfd34beaf260d9b0296c7059";

    int numReplaced = sbStringToSign.Replace("YOUR_API_KEY",your_api_key);
    numReplaced = sbStringToSign.Replace("UNIX_EPOCH_TIMESTAMP",unixEpochTimestamp);

    // Do the HMAC-SHA256 with your API secret:
    String your_api_secret = "ea210785fa4656af03c2e4ffcc2e7b5fc19f1fba577d137905cc97e74e1df53d";
    CkCrypt2 crypt = new CkCrypt2();
    crypt.put_MacAlgorithm("hmac");
    crypt.put_EncodingMode("hexlower");
    crypt.SetMacKeyString(your_api_secret);
    crypt.put_HashAlgorithm("sha256");

    String api_signature = crypt.macStringENC(sbStringToSign.getAsString());
    System.out.println("api_signature: " + api_signature);

    // --------------------------------------------------------------------
    // Here's an example showing how to use the signature in a request:

    // Build a new string-to-sign and create a new api_signature for the actual request we'll be sending...
    sbStringToSign.Clear();
    sbStringToSign.Append("GET");
    sbStringToSign.Append("&");
    sbStringToSign.Append("/app.shippingeasy.com/api/orders");
    sbStringToSign.Append("&");
    sbStringToSign.Append(queryParamsStr);
    sbStringToSign.Append("&");
    // There is no body for a GET request.

    api_signature = crypt.macStringENC(sbStringToSign.getAsString());

    CkHttp http = new CkHttp();
    CkJsonObject queryParams = new CkJsonObject();

    queryParams.UpdateString("api_signature",api_signature);
    queryParams.UpdateString("api_timestamp",unixEpochTimestamp);
    queryParams.UpdateString("api_key",your_api_key);

    CkHttpResponse resp = http.QuickRequestParams("GET","https://app.shippingeasy.com/api/orders",queryParams);
    if (http.get_LastMethodSuccess() == false) {
        System.out.println(http.lastErrorText());
        return;
        }

    System.out.println("response status code = " + resp.get_StatusCode());
    System.out.println("response body:");
    System.out.println(resp.bodyStr());
  }
}