(PHP ActiveX) ShippingEasy.com Calculate Signature for API Authentication

Demonstrates how to calculate the shippingeasy.com API signature for authenticating requests.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows Note: The php_com_dotnet.dll may need to be enabled inside of php.ini.

<?php

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// 
// First, concatenate these into a plaintext string using the following order:
// 
//     Capitilized method of the request. E.g. "POST"
//     The URI path
//     The query parameters sorted alphabetically and concatenated together into a URL friendly format: param1=ABC&param2=XYZ
//     The request body as a string if one exists
//     All parts are then concatenated together with an ampersand. The result resembles something like this:
// 
// "POST&/partners/api/accounts&api_key=f9a7c8ebdfd34beaf260d9b0296c7059&api_timestamp=1401803554&{ ... request body ... }"

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder')
$sbStringToSign = new COM("Chilkat.StringBuilder");

$httpVerb = 'POST';
$uriPath = '/partners/api/accounts';
$queryParamsStr = 'api_key=YOUR_API_KEY&api_timestamp=UNIX_EPOCH_TIMESTAMP';

// Build the following JSON that will be the body of the request:

// {
//   "account": {
//     "first_name": "Coralie",
//     "last_name": "Waelchi",
//     "company_name": "Hegmann, Cremin and Bradtke",
//     "email": "se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com",
//     "phone_number": "1-381-014-3358",
//     "address": "2476 Flo Inlet",
//     "address2": "",
//     "state": "SC",
//     "city": "North Dennis",
//     "postal_code": "29805",
//     "country": "USA",
//     "password": "abc123",
//     "subscription_plan_code": "starter"
//   }
// }

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.JsonObject')
$json = new COM("Chilkat.JsonObject");
$json->UpdateString('account.first_name','Coralie');
$json->UpdateString('account.last_name','Waelchi');
$json->UpdateString('account.company_name','Hegmann, Cremin and Bradtke');
$json->UpdateString('account.email','se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com');
$json->UpdateString('account.phone_number','1-381-014-3358');
$json->UpdateString('account.address','2476 Flo Inlet');
$json->UpdateString('account.address2','');
$json->UpdateString('account.state','SC');
$json->UpdateString('account.city','North Dennis');
$json->UpdateString('account.postal_code','29805');
$json->UpdateString('account.country','USA');
$json->UpdateString('account.password','abc123');
$json->UpdateString('account.subscription_plan_code','starter');

$json->EmitCompact = 0;
print $json->emit() . "\n";

// First, let's get the current date/time in the Unix Epoch Timestamp format (which is just an integer)
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.CkDateTime')
$dt = new COM("Chilkat.CkDateTime");
$dt->SetFromCurrentSystemTime();
// Get the UTC time.
$bLocalTime = 0;
$unixEpochTimestamp = $dt->getAsUnixTimeStr($bLocalTime);

// Build the string to sign:
$sbStringToSign->Append($httpVerb);
$sbStringToSign->Append('&');
$sbStringToSign->Append($uriPath);
$sbStringToSign->Append('&');
$sbStringToSign->Append($queryParamsStr);
$sbStringToSign->Append('&');
// Make sure to send the JSON body of a request in compact form..
$json->EmitCompact = 1;
$sbStringToSign->Append($json->emit());

// Use your API key here:
$your_api_key = 'f9a7c8ebdfd34beaf260d9b0296c7059';

$numReplaced = $sbStringToSign->Replace('YOUR_API_KEY',$your_api_key);
$numReplaced = $sbStringToSign->Replace('UNIX_EPOCH_TIMESTAMP',$unixEpochTimestamp);

// Do the HMAC-SHA256 with your API secret:
$your_api_secret = 'ea210785fa4656af03c2e4ffcc2e7b5fc19f1fba577d137905cc97e74e1df53d';
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Crypt2')
$crypt = new COM("Chilkat.Crypt2");
$crypt->MacAlgorithm = 'hmac';
$crypt->EncodingMode = 'hexlower';
$crypt->SetMacKeyString($your_api_secret);
$crypt->HashAlgorithm = 'sha256';

$api_signature = $crypt->macStringENC($sbStringToSign->getAsString());
print 'api_signature: ' . $api_signature . "\n";

// --------------------------------------------------------------------
// Here's an example showing how to use the signature in a request:

// Build a new string-to-sign and create a new api_signature for the actual request we'll be sending...
$sbStringToSign->Clear();
$sbStringToSign->Append('GET');
$sbStringToSign->Append('&');
$sbStringToSign->Append('/app.shippingeasy.com/api/orders');
$sbStringToSign->Append('&');
$sbStringToSign->Append($queryParamsStr);
$sbStringToSign->Append('&');
// There is no body for a GET request.

$api_signature = $crypt->macStringENC($sbStringToSign->getAsString());

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Http')
$http = new COM("Chilkat.Http");
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.JsonObject')
$queryParams = new COM("Chilkat.JsonObject");

$queryParams->UpdateString('api_signature',$api_signature);
$queryParams->UpdateString('api_timestamp',$unixEpochTimestamp);
$queryParams->UpdateString('api_key',$your_api_key);

// resp is a Chilkat.HttpResponse
$resp = $http->QuickRequestParams('GET','https://app.shippingeasy.com/api/orders',$queryParams);
if ($http->LastMethodSuccess == 0) {
    print $http->LastErrorText . "\n";
    exit;
}

print 'response status code = ' . $resp->StatusCode . "\n";
print 'response body:' . "\n";
print $resp->BodyStr . "\n";


?>