(C) ShippingEasy.com Calculate Signature for API Authentication

Demonstrates how to calculate the shippingeasy.com API signature for authenticating requests.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkStringBuilder.h>
#include <C_CkJsonObject.h>
#include <C_CkDateTime.h>
#include <C_CkCrypt2.h>
#include <C_CkHttp.h>
#include <C_CkHttpResponse.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkStringBuilder sbStringToSign;
    const char *httpVerb;
    const char *uriPath;
    const char *queryParamsStr;
    HCkJsonObject json;
    HCkDateTime dt;
    BOOL bLocalTime;
    const char *unixEpochTimestamp;
    const char *your_api_key;
    int numReplaced;
    const char *your_api_secret;
    HCkCrypt2 crypt;
    const char *api_signature;
    HCkHttp http;
    HCkJsonObject queryParams;
    HCkHttpResponse resp;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // 
    // First, concatenate these into a plaintext string using the following order:
    // 
    //     Capitilized method of the request. E.g. "POST"
    //     The URI path
    //     The query parameters sorted alphabetically and concatenated together into a URL friendly format: param1=ABC&param2=XYZ
    //     The request body as a string if one exists
    //     All parts are then concatenated together with an ampersand. The result resembles something like this:
    // 
    // "POST&/partners/api/accounts&api_key=f9a7c8ebdfd34beaf260d9b0296c7059&api_timestamp=1401803554&{ ... request body ... }"

    sbStringToSign = CkStringBuilder_Create();

    httpVerb = "POST";
    uriPath = "/partners/api/accounts";
    queryParamsStr = "api_key=YOUR_API_KEY&api_timestamp=UNIX_EPOCH_TIMESTAMP";

    // Build the following JSON that will be the body of the request:

    // {
    //   "account": {
    //     "first_name": "Coralie",
    //     "last_name": "Waelchi",
    //     "company_name": "Hegmann, Cremin and Bradtke",
    //     "email": "se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com",
    //     "phone_number": "1-381-014-3358",
    //     "address": "2476 Flo Inlet",
    //     "address2": "",
    //     "state": "SC",
    //     "city": "North Dennis",
    //     "postal_code": "29805",
    //     "country": "USA",
    //     "password": "abc123",
    //     "subscription_plan_code": "starter"
    //   }
    // }

    json = CkJsonObject_Create();
    CkJsonObject_UpdateString(json,"account.first_name","Coralie");
    CkJsonObject_UpdateString(json,"account.last_name","Waelchi");
    CkJsonObject_UpdateString(json,"account.company_name","Hegmann, Cremin and Bradtke");
    CkJsonObject_UpdateString(json,"account.email","se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com");
    CkJsonObject_UpdateString(json,"account.phone_number","1-381-014-3358");
    CkJsonObject_UpdateString(json,"account.address","2476 Flo Inlet");
    CkJsonObject_UpdateString(json,"account.address2","");
    CkJsonObject_UpdateString(json,"account.state","SC");
    CkJsonObject_UpdateString(json,"account.city","North Dennis");
    CkJsonObject_UpdateString(json,"account.postal_code","29805");
    CkJsonObject_UpdateString(json,"account.country","USA");
    CkJsonObject_UpdateString(json,"account.password","abc123");
    CkJsonObject_UpdateString(json,"account.subscription_plan_code","starter");

    CkJsonObject_putEmitCompact(json,FALSE);
    printf("%s\n",CkJsonObject_emit(json));

    // First, let's get the current date/time in the Unix Epoch Timestamp format (which is just an integer)
    dt = CkDateTime_Create();
    CkDateTime_SetFromCurrentSystemTime(dt);
    // Get the UTC time.
    bLocalTime = FALSE;
    unixEpochTimestamp = CkDateTime_getAsUnixTimeStr(dt,bLocalTime);

    // Build the string to sign:
    CkStringBuilder_Append(sbStringToSign,httpVerb);
    CkStringBuilder_Append(sbStringToSign,"&");
    CkStringBuilder_Append(sbStringToSign,uriPath);
    CkStringBuilder_Append(sbStringToSign,"&");
    CkStringBuilder_Append(sbStringToSign,queryParamsStr);
    CkStringBuilder_Append(sbStringToSign,"&");
    // Make sure to send the JSON body of a request in compact form..
    CkJsonObject_putEmitCompact(json,TRUE);
    CkStringBuilder_Append(sbStringToSign,CkJsonObject_emit(json));

    // Use your API key here:
    your_api_key = "f9a7c8ebdfd34beaf260d9b0296c7059";

    numReplaced = CkStringBuilder_Replace(sbStringToSign,"YOUR_API_KEY",your_api_key);
    numReplaced = CkStringBuilder_Replace(sbStringToSign,"UNIX_EPOCH_TIMESTAMP",unixEpochTimestamp);

    // Do the HMAC-SHA256 with your API secret:
    your_api_secret = "ea210785fa4656af03c2e4ffcc2e7b5fc19f1fba577d137905cc97e74e1df53d";
    crypt = CkCrypt2_Create();
    CkCrypt2_putMacAlgorithm(crypt,"hmac");
    CkCrypt2_putEncodingMode(crypt,"hexlower");
    CkCrypt2_SetMacKeyString(crypt,your_api_secret);
    CkCrypt2_putHashAlgorithm(crypt,"sha256");

    api_signature = CkCrypt2_macStringENC(crypt,CkStringBuilder_getAsString(sbStringToSign));
    printf("api_signature: %s\n",api_signature);

    // --------------------------------------------------------------------
    // Here's an example showing how to use the signature in a request:

    // Build a new string-to-sign and create a new api_signature for the actual request we'll be sending...
    CkStringBuilder_Clear(sbStringToSign);
    CkStringBuilder_Append(sbStringToSign,"GET");
    CkStringBuilder_Append(sbStringToSign,"&");
    CkStringBuilder_Append(sbStringToSign,"/app.shippingeasy.com/api/orders");
    CkStringBuilder_Append(sbStringToSign,"&");
    CkStringBuilder_Append(sbStringToSign,queryParamsStr);
    CkStringBuilder_Append(sbStringToSign,"&");
    // There is no body for a GET request.

    api_signature = CkCrypt2_macStringENC(crypt,CkStringBuilder_getAsString(sbStringToSign));

    http = CkHttp_Create();
    queryParams = CkJsonObject_Create();

    CkJsonObject_UpdateString(queryParams,"api_signature",api_signature);
    CkJsonObject_UpdateString(queryParams,"api_timestamp",unixEpochTimestamp);
    CkJsonObject_UpdateString(queryParams,"api_key",your_api_key);

    resp = CkHttp_QuickRequestParams(http,"GET","https://app.shippingeasy.com/api/orders",queryParams);
    if (CkHttp_getLastMethodSuccess(http) == FALSE) {
        printf("%s\n",CkHttp_lastErrorText(http));
        CkStringBuilder_Dispose(sbStringToSign);
        CkJsonObject_Dispose(json);
        CkDateTime_Dispose(dt);
        CkCrypt2_Dispose(crypt);
        CkHttp_Dispose(http);
        CkJsonObject_Dispose(queryParams);
        return;
    }

    printf("response status code = %d\n",CkHttpResponse_getStatusCode(resp));
    printf("response body:\n");
    printf("%s\n",CkHttpResponse_bodyStr(resp));

    CkHttpResponse_Dispose(resp);


    CkStringBuilder_Dispose(sbStringToSign);
    CkJsonObject_Dispose(json);
    CkDateTime_Dispose(dt);
    CkCrypt2_Dispose(crypt);
    CkHttp_Dispose(http);
    CkJsonObject_Dispose(queryParams);

    }