Sample code for 30+ languages & platforms
Lianja

ShippingEasy.com Calculate Signature for API Authentication

See more HTTP Misc Examples

Demonstrates how to calculate the shippingeasy.com API signature for authenticating requests.

Chilkat Lianja Downloads

Lianja
llSuccess = .F.

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// 
// First, concatenate these into a plaintext string using the following order:
// 
//     Capitilized method of the request. E.g. "POST"
//     The URI path
//     The query parameters sorted alphabetically and concatenated together into a URL friendly format: param1=ABC&param2=XYZ
//     The request body as a string if one exists
//     All parts are then concatenated together with an ampersand. The result resembles something like this:
// 
// "POST&/partners/api/accounts&api_key=f9a7c8ebdfd34beaf260d9b0296c7059&api_timestamp=1401803554&{ ... request body ... }"

loSbStringToSign = createobject("CkStringBuilder")

lcHttpVerb = "POST"
lcUriPath = "/partners/api/accounts"
lcQueryParamsStr = "api_key=YOUR_API_KEY&api_timestamp=UNIX_EPOCH_TIMESTAMP"

// Build the following JSON that will be the body of the request:

// {
//   "account": {
//     "first_name": "Coralie",
//     "last_name": "Waelchi",
//     "company_name": "Hegmann, Cremin and Bradtke",
//     "email": "se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com",
//     "phone_number": "1-381-014-3358",
//     "address": "2476 Flo Inlet",
//     "address2": "",
//     "state": "SC",
//     "city": "North Dennis",
//     "postal_code": "29805",
//     "country": "USA",
//     "password": "abc123",
//     "subscription_plan_code": "starter"
//   }
// }

loJson = createobject("CkJsonObject")
loJson.UpdateString("account.first_name","Coralie")
loJson.UpdateString("account.last_name","Waelchi")
loJson.UpdateString("account.company_name","Hegmann, Cremin and Bradtke")
loJson.UpdateString("account.email","se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com")
loJson.UpdateString("account.phone_number","1-381-014-3358")
loJson.UpdateString("account.address","2476 Flo Inlet")
loJson.UpdateString("account.address2","")
loJson.UpdateString("account.state","SC")
loJson.UpdateString("account.city","North Dennis")
loJson.UpdateString("account.postal_code","29805")
loJson.UpdateString("account.country","USA")
loJson.UpdateString("account.password","abc123")
loJson.UpdateString("account.subscription_plan_code","starter")

loJson.EmitCompact = .F.
? loJson.Emit()

// First, let's get the current date/time in the Unix Epoch Timestamp format (which is just an integer)
loDt = createobject("CkDateTime")
loDt.SetFromCurrentSystemTime()
// Get the UTC time.
llBLocalTime = .F.
lcUnixEpochTimestamp = loDt.GetAsUnixTimeStr(llBLocalTime)

// Build the string to sign:
loSbStringToSign.Append(lcHttpVerb)
loSbStringToSign.Append("&")
loSbStringToSign.Append(lcUriPath)
loSbStringToSign.Append("&")
loSbStringToSign.Append(lcQueryParamsStr)
loSbStringToSign.Append("&")
// Make sure to send the JSON body of a request in compact form..
loJson.EmitCompact = .T.
loSbStringToSign.Append(loJson.Emit())

// Use your API key here:
lcYour_api_key = "f9a7c8ebdfd34beaf260d9b0296c7059"

lnNumReplaced = loSbStringToSign.Replace("YOUR_API_KEY",lcYour_api_key)
lnNumReplaced = loSbStringToSign.Replace("UNIX_EPOCH_TIMESTAMP",lcUnixEpochTimestamp)

// Do the HMAC-SHA256 with your API secret:
lcYour_api_secret = "ea210785fa4656af03c2e4ffcc2e7b5fc19f1fba577d137905cc97e74e1df53d"
loCrypt = createobject("CkCrypt2")
loCrypt.MacAlgorithm = "hmac"
loCrypt.EncodingMode = "hexlower"
loCrypt.SetMacKeyString(lcYour_api_secret)
loCrypt.HashAlgorithm = "sha256"

lcApi_signature = loCrypt.MacStringENC(loSbStringToSign.GetAsString())
? "api_signature: " + lcApi_signature

// --------------------------------------------------------------------
// Here's an example showing how to use the signature in a request:

// Build a new string-to-sign and create a new api_signature for the actual request we'll be sending...
loSbStringToSign.Clear()
loSbStringToSign.Append("GET")
loSbStringToSign.Append("&")
loSbStringToSign.Append("/app.shippingeasy.com/api/orders")
loSbStringToSign.Append("&")
loSbStringToSign.Append(lcQueryParamsStr)
loSbStringToSign.Append("&")
// There is no body for a GET request.

lcApi_signature = loCrypt.MacStringENC(loSbStringToSign.GetAsString())

loHttp = createobject("CkHttp")
loQueryParams = createobject("CkJsonObject")

loQueryParams.UpdateString("api_signature",lcApi_signature)
loQueryParams.UpdateString("api_timestamp",lcUnixEpochTimestamp)
loQueryParams.UpdateString("api_key",lcYour_api_key)

loResp = createobject("CkHttpResponse")
llSuccess = loHttp.HttpParams("GET","https://app.shippingeasy.com/api/orders",loQueryParams,loResp)
if (llSuccess = .F.) then
    ? loHttp.LastErrorText
    release loSbStringToSign
    release loJson
    release loDt
    release loCrypt
    release loHttp
    release loQueryParams
    release loResp
    return
endif

? "response status code = " + str(loResp.StatusCode)
? "response body:"
? loResp.BodyStr


release loSbStringToSign
release loJson
release loDt
release loCrypt
release loHttp
release loQueryParams
release loResp