(PHP Extension) ShippingEasy.com Calculate Signature for API Authentication

Demonstrates how to calculate the shippingeasy.com API signature for authenticating requests.

Chilkat PHP Downloads PHP Extension for Windows, Linux, MacOS, Alpine Linux, Solaris

<?php

// The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number.
// For example, if using Chilkat v9.5.0.48, then include as shown here:
include("chilkat_9_5_0.php");

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// 
// First, concatenate these into a plaintext string using the following order:
// 
//     Capitilized method of the request. E.g. "POST"
//     The URI path
//     The query parameters sorted alphabetically and concatenated together into a URL friendly format: param1=ABC&param2=XYZ
//     The request body as a string if one exists
//     All parts are then concatenated together with an ampersand. The result resembles something like this:
// 
// "POST&/partners/api/accounts&api_key=f9a7c8ebdfd34beaf260d9b0296c7059&api_timestamp=1401803554&{ ... request body ... }"

$sbStringToSign = new CkStringBuilder();

$httpVerb = 'POST';
$uriPath = '/partners/api/accounts';
$queryParamsStr = 'api_key=YOUR_API_KEY&api_timestamp=UNIX_EPOCH_TIMESTAMP';

// Build the following JSON that will be the body of the request:

// {
//   "account": {
//     "first_name": "Coralie",
//     "last_name": "Waelchi",
//     "company_name": "Hegmann, Cremin and Bradtke",
//     "email": "se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com",
//     "phone_number": "1-381-014-3358",
//     "address": "2476 Flo Inlet",
//     "address2": "",
//     "state": "SC",
//     "city": "North Dennis",
//     "postal_code": "29805",
//     "country": "USA",
//     "password": "abc123",
//     "subscription_plan_code": "starter"
//   }
// }

$json = new CkJsonObject();
$json->UpdateString('account.first_name','Coralie');
$json->UpdateString('account.last_name','Waelchi');
$json->UpdateString('account.company_name','Hegmann, Cremin and Bradtke');
$json->UpdateString('account.email','se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com');
$json->UpdateString('account.phone_number','1-381-014-3358');
$json->UpdateString('account.address','2476 Flo Inlet');
$json->UpdateString('account.address2','');
$json->UpdateString('account.state','SC');
$json->UpdateString('account.city','North Dennis');
$json->UpdateString('account.postal_code','29805');
$json->UpdateString('account.country','USA');
$json->UpdateString('account.password','abc123');
$json->UpdateString('account.subscription_plan_code','starter');

$json->put_EmitCompact(false);
print $json->emit() . "\n";

// First, let's get the current date/time in the Unix Epoch Timestamp format (which is just an integer)
$dt = new CkDateTime();
$dt->SetFromCurrentSystemTime();
// Get the UTC time.
$bLocalTime = false;
$unixEpochTimestamp = $dt->getAsUnixTimeStr($bLocalTime);

// Build the string to sign:
$sbStringToSign->Append($httpVerb);
$sbStringToSign->Append('&');
$sbStringToSign->Append($uriPath);
$sbStringToSign->Append('&');
$sbStringToSign->Append($queryParamsStr);
$sbStringToSign->Append('&');
// Make sure to send the JSON body of a request in compact form..
$json->put_EmitCompact(true);
$sbStringToSign->Append($json->emit());

// Use your API key here:
$your_api_key = 'f9a7c8ebdfd34beaf260d9b0296c7059';

$numReplaced = $sbStringToSign->Replace('YOUR_API_KEY',$your_api_key);
$numReplaced = $sbStringToSign->Replace('UNIX_EPOCH_TIMESTAMP',$unixEpochTimestamp);

// Do the HMAC-SHA256 with your API secret:
$your_api_secret = 'ea210785fa4656af03c2e4ffcc2e7b5fc19f1fba577d137905cc97e74e1df53d';
$crypt = new CkCrypt2();
$crypt->put_MacAlgorithm('hmac');
$crypt->put_EncodingMode('hexlower');
$crypt->SetMacKeyString($your_api_secret);
$crypt->put_HashAlgorithm('sha256');

$api_signature = $crypt->macStringENC($sbStringToSign->getAsString());
print 'api_signature: ' . $api_signature . "\n";

// --------------------------------------------------------------------
// Here's an example showing how to use the signature in a request:

// Build a new string-to-sign and create a new api_signature for the actual request we'll be sending...
$sbStringToSign->Clear();
$sbStringToSign->Append('GET');
$sbStringToSign->Append('&');
$sbStringToSign->Append('/app.shippingeasy.com/api/orders');
$sbStringToSign->Append('&');
$sbStringToSign->Append($queryParamsStr);
$sbStringToSign->Append('&');
// There is no body for a GET request.

$api_signature = $crypt->macStringENC($sbStringToSign->getAsString());

$http = new CkHttp();
$queryParams = new CkJsonObject();

$queryParams->UpdateString('api_signature',$api_signature);
$queryParams->UpdateString('api_timestamp',$unixEpochTimestamp);
$queryParams->UpdateString('api_key',$your_api_key);

// resp is a CkHttpResponse
$resp = $http->QuickRequestParams('GET','https://app.shippingeasy.com/api/orders',$queryParams);
if ($http->get_LastMethodSuccess() == false) {
    print $http->lastErrorText() . "\n";
    exit;
}

print 'response status code = ' . $resp->get_StatusCode() . "\n";
print 'response body:' . "\n";
print $resp->bodyStr() . "\n";


?>