Sample code for 30+ languages & platforms
JavaScript

ShippingEasy.com Calculate Signature for API Authentication

See more HTTP Misc Examples

Demonstrates how to calculate the shippingeasy.com API signature for authenticating requests.
Note
This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.
JavaScript
var success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// 
// First, concatenate these into a plaintext string using the following order:
// 
//     Capitilized method of the request. E.g. "POST"
//     The URI path
//     The query parameters sorted alphabetically and concatenated together into a URL friendly format: param1=ABC&param2=XYZ
//     The request body as a string if one exists
//     All parts are then concatenated together with an ampersand. The result resembles something like this:
// 
// "POST&/partners/api/accounts&api_key=f9a7c8ebdfd34beaf260d9b0296c7059&api_timestamp=1401803554&{ ... request body ... }"

var sbStringToSign = new CkStringBuilder();

var httpVerb = "POST";
var uriPath = "/partners/api/accounts";
var queryParamsStr = "api_key=YOUR_API_KEY&api_timestamp=UNIX_EPOCH_TIMESTAMP";

// Build the following JSON that will be the body of the request:

// {
//   "account": {
//     "first_name": "Coralie",
//     "last_name": "Waelchi",
//     "company_name": "Hegmann, Cremin and Bradtke",
//     "email": "se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com",
//     "phone_number": "1-381-014-3358",
//     "address": "2476 Flo Inlet",
//     "address2": "",
//     "state": "SC",
//     "city": "North Dennis",
//     "postal_code": "29805",
//     "country": "USA",
//     "password": "abc123",
//     "subscription_plan_code": "starter"
//   }
// }

var json = new CkJsonObject();
json.UpdateString("account.first_name","Coralie");
json.UpdateString("account.last_name","Waelchi");
json.UpdateString("account.company_name","Hegmann, Cremin and Bradtke");
json.UpdateString("account.email","se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com");
json.UpdateString("account.phone_number","1-381-014-3358");
json.UpdateString("account.address","2476 Flo Inlet");
json.UpdateString("account.address2","");
json.UpdateString("account.state","SC");
json.UpdateString("account.city","North Dennis");
json.UpdateString("account.postal_code","29805");
json.UpdateString("account.country","USA");
json.UpdateString("account.password","abc123");
json.UpdateString("account.subscription_plan_code","starter");

json.EmitCompact = false;
console.log(json.Emit());

// First, let's get the current date/time in the Unix Epoch Timestamp format (which is just an integer)
var dt = new CkDateTime();
dt.SetFromCurrentSystemTime();
// Get the UTC time.
var bLocalTime = false;
var unixEpochTimestamp = dt.GetAsUnixTimeStr(bLocalTime);

// Build the string to sign:
sbStringToSign.Append(httpVerb);
sbStringToSign.Append("&");
sbStringToSign.Append(uriPath);
sbStringToSign.Append("&");
sbStringToSign.Append(queryParamsStr);
sbStringToSign.Append("&");
// Make sure to send the JSON body of a request in compact form..
json.EmitCompact = true;
sbStringToSign.Append(json.Emit());

// Use your API key here:
var your_api_key = "f9a7c8ebdfd34beaf260d9b0296c7059";

var numReplaced = sbStringToSign.Replace("YOUR_API_KEY",your_api_key);
numReplaced = sbStringToSign.Replace("UNIX_EPOCH_TIMESTAMP",unixEpochTimestamp);

// Do the HMAC-SHA256 with your API secret:
var your_api_secret = "ea210785fa4656af03c2e4ffcc2e7b5fc19f1fba577d137905cc97e74e1df53d";
var crypt = new CkCrypt2();
crypt.MacAlgorithm = "hmac";
crypt.EncodingMode = "hexlower";
crypt.SetMacKeyString(your_api_secret);
crypt.HashAlgorithm = "sha256";

var api_signature = crypt.MacStringENC(sbStringToSign.GetAsString());
console.log("api_signature: " + api_signature);

// --------------------------------------------------------------------
// Here's an example showing how to use the signature in a request:

// Build a new string-to-sign and create a new api_signature for the actual request we'll be sending...
sbStringToSign.Clear();
sbStringToSign.Append("GET");
sbStringToSign.Append("&");
sbStringToSign.Append("/app.shippingeasy.com/api/orders");
sbStringToSign.Append("&");
sbStringToSign.Append(queryParamsStr);
sbStringToSign.Append("&");
// There is no body for a GET request.

api_signature = crypt.MacStringENC(sbStringToSign.GetAsString());

var http = new CkHttp();
var queryParams = new CkJsonObject();

queryParams.UpdateString("api_signature",api_signature);
queryParams.UpdateString("api_timestamp",unixEpochTimestamp);
queryParams.UpdateString("api_key",your_api_key);

var resp = new CkHttpResponse();
success = http.HttpParams("GET","https://app.shippingeasy.com/api/orders",queryParams,resp);
if (success == false) {
    console.log(http.LastErrorText);
    return;
}

console.log("response status code = " + resp.StatusCode);
console.log("response body:");
console.log(resp.BodyStr);