(Visual FoxPro) ShippingEasy.com Calculate Signature for API Authentication

Demonstrates how to calculate the shippingeasy.com API signature for authenticating requests.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

LOCAL lnSuccess
LOCAL loSbStringToSign
LOCAL lcHttpVerb
LOCAL lcUriPath
LOCAL lcQueryParamsStr
LOCAL loJson
LOCAL loDt
LOCAL lnBLocalTime
LOCAL lcUnixEpochTimestamp
LOCAL lcYour_api_key
LOCAL lnNumReplaced
LOCAL lcYour_api_secret
LOCAL loCrypt
LOCAL lcApi_signature
LOCAL loHttp
LOCAL loQueryParams
LOCAL loResp

* This example requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* 
* First, concatenate these into a plaintext string using the following order:
* 
*     Capitilized method of the request. E.g. "POST"
*     The URI path
*     The query parameters sorted alphabetically and concatenated together into a URL friendly format: param1=ABC&param2=XYZ
*     The request body as a string if one exists
*     All parts are then concatenated together with an ampersand. The result resembles something like this:
* 
* "POST&/partners/api/accounts&api_key=f9a7c8ebdfd34beaf260d9b0296c7059&api_timestamp=1401803554&{ ... request body ... }"

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder')
loSbStringToSign = CreateObject('Chilkat.StringBuilder')

lcHttpVerb = "POST"
lcUriPath = "/partners/api/accounts"
lcQueryParamsStr = "api_key=YOUR_API_KEY&api_timestamp=UNIX_EPOCH_TIMESTAMP"

* Build the following JSON that will be the body of the request:

* {
*   "account": {
*     "first_name": "Coralie",
*     "last_name": "Waelchi",
*     "company_name": "Hegmann, Cremin and Bradtke",
*     "email": "se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com",
*     "phone_number": "1-381-014-3358",
*     "address": "2476 Flo Inlet",
*     "address2": "",
*     "state": "SC",
*     "city": "North Dennis",
*     "postal_code": "29805",
*     "country": "USA",
*     "password": "abc123",
*     "subscription_plan_code": "starter"
*   }
* }

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJson = CreateObject('Chilkat.JsonObject')
loJson.UpdateString("account.first_name","Coralie")
loJson.UpdateString("account.last_name","Waelchi")
loJson.UpdateString("account.company_name","Hegmann, Cremin and Bradtke")
loJson.UpdateString("account.email","se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com")
loJson.UpdateString("account.phone_number","1-381-014-3358")
loJson.UpdateString("account.address","2476 Flo Inlet")
loJson.UpdateString("account.address2","")
loJson.UpdateString("account.state","SC")
loJson.UpdateString("account.city","North Dennis")
loJson.UpdateString("account.postal_code","29805")
loJson.UpdateString("account.country","USA")
loJson.UpdateString("account.password","abc123")
loJson.UpdateString("account.subscription_plan_code","starter")

loJson.EmitCompact = 0
? loJson.Emit()

* First, let's get the current date/time in the Unix Epoch Timestamp format (which is just an integer)
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.CkDateTime')
loDt = CreateObject('Chilkat.CkDateTime')
loDt.SetFromCurrentSystemTime()
* Get the UTC time.
lnBLocalTime = 0
lcUnixEpochTimestamp = loDt.GetAsUnixTimeStr(lnBLocalTime)

* Build the string to sign:
loSbStringToSign.Append(lcHttpVerb)
loSbStringToSign.Append("&")
loSbStringToSign.Append(lcUriPath)
loSbStringToSign.Append("&")
loSbStringToSign.Append(lcQueryParamsStr)
loSbStringToSign.Append("&")
* Make sure to send the JSON body of a request in compact form..
loJson.EmitCompact = 1
loSbStringToSign.Append(loJson.Emit())

* Use your API key here:
lcYour_api_key = "f9a7c8ebdfd34beaf260d9b0296c7059"

lnNumReplaced = loSbStringToSign.Replace("YOUR_API_KEY",lcYour_api_key)
lnNumReplaced = loSbStringToSign.Replace("UNIX_EPOCH_TIMESTAMP",lcUnixEpochTimestamp)

* Do the HMAC-SHA256 with your API secret:
lcYour_api_secret = "ea210785fa4656af03c2e4ffcc2e7b5fc19f1fba577d137905cc97e74e1df53d"
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Crypt2')
loCrypt = CreateObject('Chilkat.Crypt2')
loCrypt.MacAlgorithm = "hmac"
loCrypt.EncodingMode = "hexlower"
loCrypt.SetMacKeyString(lcYour_api_secret)
loCrypt.HashAlgorithm = "sha256"

lcApi_signature = loCrypt.MacStringENC(loSbStringToSign.GetAsString())
? "api_signature: " + lcApi_signature

* --------------------------------------------------------------------
* Here's an example showing how to use the signature in a request:

* Build a new string-to-sign and create a new api_signature for the actual request we'll be sending...
loSbStringToSign.Clear()
loSbStringToSign.Append("GET")
loSbStringToSign.Append("&")
loSbStringToSign.Append("/app.shippingeasy.com/api/orders")
loSbStringToSign.Append("&")
loSbStringToSign.Append(lcQueryParamsStr)
loSbStringToSign.Append("&")
* There is no body for a GET request.

lcApi_signature = loCrypt.MacStringENC(loSbStringToSign.GetAsString())

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Http')
loHttp = CreateObject('Chilkat.Http')
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loQueryParams = CreateObject('Chilkat.JsonObject')

loQueryParams.UpdateString("api_signature",lcApi_signature)
loQueryParams.UpdateString("api_timestamp",lcUnixEpochTimestamp)
loQueryParams.UpdateString("api_key",lcYour_api_key)

loResp = loHttp.QuickRequestParams("GET","https://app.shippingeasy.com/api/orders",loQueryParams)
IF (loHttp.LastMethodSuccess = 0) THEN
    ? loHttp.LastErrorText
    RELEASE loSbStringToSign
    RELEASE loJson
    RELEASE loDt
    RELEASE loCrypt
    RELEASE loHttp
    RELEASE loQueryParams
    CANCEL
ENDIF

? "response status code = " + STR(loResp.StatusCode)
? "response body:"
? loResp.BodyStr

RELEASE loResp

RELEASE loSbStringToSign
RELEASE loJson
RELEASE loDt
RELEASE loCrypt
RELEASE loHttp
RELEASE loQueryParams