Sample code for 30+ languages & platforms
SQL Server

ShippingEasy.com Calculate Signature for API Authentication

See more HTTP Misc Examples

Demonstrates how to calculate the shippingeasy.com API signature for authenticating requests.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- 
    -- First, concatenate these into a plaintext string using the following order:
    -- 
    --     Capitilized method of the request. E.g. "POST"
    --     The URI path
    --     The query parameters sorted alphabetically and concatenated together into a URL friendly format: param1=ABC&param2=XYZ
    --     The request body as a string if one exists
    --     All parts are then concatenated together with an ampersand. The result resembles something like this:
    -- 
    -- "POST&/partners/api/accounts&api_key=f9a7c8ebdfd34beaf260d9b0296c7059&api_timestamp=1401803554&{ ... request body ... }"

    DECLARE @sbStringToSign int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbStringToSign OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    DECLARE @httpVerb nvarchar(4000)
    SELECT @httpVerb = 'POST'
    DECLARE @uriPath nvarchar(4000)
    SELECT @uriPath = '/partners/api/accounts'
    DECLARE @queryParamsStr nvarchar(4000)
    SELECT @queryParamsStr = 'api_key=YOUR_API_KEY&api_timestamp=UNIX_EPOCH_TIMESTAMP'

    -- Build the following JSON that will be the body of the request:

    -- {
    --   "account": {
    --     "first_name": "Coralie",
    --     "last_name": "Waelchi",
    --     "company_name": "Hegmann, Cremin and Bradtke",
    --     "email": "se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com",
    --     "phone_number": "1-381-014-3358",
    --     "address": "2476 Flo Inlet",
    --     "address2": "",
    --     "state": "SC",
    --     "city": "North Dennis",
    --     "postal_code": "29805",
    --     "country": "USA",
    --     "password": "abc123",
    --     "subscription_plan_code": "starter"
    --   }
    -- }

    DECLARE @json int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT

    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.first_name', 'Coralie'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.last_name', 'Waelchi'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.company_name', 'Hegmann, Cremin and Bradtke'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.email', 'se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.phone_number', '1-381-014-3358'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.address', '2476 Flo Inlet'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.address2', ''
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.state', 'SC'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.city', 'North Dennis'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.postal_code', '29805'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.country', 'USA'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.password', 'abc123'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'account.subscription_plan_code', 'starter'

    EXEC sp_OASetProperty @json, 'EmitCompact', 0
    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    PRINT @sTmp0

    -- First, let's get the current date/time in the Unix Epoch Timestamp format (which is just an integer)
    DECLARE @dt int
    EXEC @hr = sp_OACreate 'Chilkat.CkDateTime', @dt OUT

    EXEC sp_OAMethod @dt, 'SetFromCurrentSystemTime', @success OUT
    -- Get the UTC time.
    DECLARE @bLocalTime int
    SELECT @bLocalTime = 0
    DECLARE @unixEpochTimestamp nvarchar(4000)
    EXEC sp_OAMethod @dt, 'GetAsUnixTimeStr', @unixEpochTimestamp OUT, @bLocalTime

    -- Build the string to sign:
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, @httpVerb
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, '&'
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, @uriPath
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, '&'
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, @queryParamsStr
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, '&'
    -- Make sure to send the JSON body of a request in compact form..
    EXEC sp_OASetProperty @json, 'EmitCompact', 1
    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, @sTmp0

    -- Use your API key here:
    DECLARE @your_api_key nvarchar(4000)
    SELECT @your_api_key = 'f9a7c8ebdfd34beaf260d9b0296c7059'

    DECLARE @numReplaced int
    EXEC sp_OAMethod @sbStringToSign, 'Replace', @numReplaced OUT, 'YOUR_API_KEY', @your_api_key
    EXEC sp_OAMethod @sbStringToSign, 'Replace', @numReplaced OUT, 'UNIX_EPOCH_TIMESTAMP', @unixEpochTimestamp

    -- Do the HMAC-SHA256 with your API secret:
    DECLARE @your_api_secret nvarchar(4000)
    SELECT @your_api_secret = 'ea210785fa4656af03c2e4ffcc2e7b5fc19f1fba577d137905cc97e74e1df53d'
    DECLARE @crypt int
    EXEC @hr = sp_OACreate 'Chilkat.Crypt2', @crypt OUT

    EXEC sp_OASetProperty @crypt, 'MacAlgorithm', 'hmac'
    EXEC sp_OASetProperty @crypt, 'EncodingMode', 'hexlower'
    EXEC sp_OAMethod @crypt, 'SetMacKeyString', @success OUT, @your_api_secret
    EXEC sp_OASetProperty @crypt, 'HashAlgorithm', 'sha256'

    DECLARE @api_signature nvarchar(4000)
    EXEC sp_OAMethod @sbStringToSign, 'GetAsString', @sTmp0 OUT
    EXEC sp_OAMethod @crypt, 'MacStringENC', @api_signature OUT, @sTmp0

    PRINT 'api_signature: ' + @api_signature

    -- --------------------------------------------------------------------
    -- Here's an example showing how to use the signature in a request:

    -- Build a new string-to-sign and create a new api_signature for the actual request we'll be sending...
    EXEC sp_OAMethod @sbStringToSign, 'Clear', NULL
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, 'GET'
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, '&'
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, '/app.shippingeasy.com/api/orders'
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, '&'
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, @queryParamsStr
    EXEC sp_OAMethod @sbStringToSign, 'Append', @success OUT, '&'
    -- There is no body for a GET request.

    EXEC sp_OAMethod @sbStringToSign, 'GetAsString', @sTmp0 OUT
    EXEC sp_OAMethod @crypt, 'MacStringENC', @api_signature OUT, @sTmp0

    DECLARE @http int
    EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT

    DECLARE @queryParams int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @queryParams OUT

    EXEC sp_OAMethod @queryParams, 'UpdateString', @success OUT, 'api_signature', @api_signature
    EXEC sp_OAMethod @queryParams, 'UpdateString', @success OUT, 'api_timestamp', @unixEpochTimestamp
    EXEC sp_OAMethod @queryParams, 'UpdateString', @success OUT, 'api_key', @your_api_key

    DECLARE @resp int
    EXEC @hr = sp_OACreate 'Chilkat.HttpResponse', @resp OUT

    EXEC sp_OAMethod @http, 'HttpParams', @success OUT, 'GET', 'https://app.shippingeasy.com/api/orders', @queryParams, @resp
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @sbStringToSign
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @dt
        EXEC @hr = sp_OADestroy @crypt
        EXEC @hr = sp_OADestroy @http
        EXEC @hr = sp_OADestroy @queryParams
        EXEC @hr = sp_OADestroy @resp
        RETURN
      END


    EXEC sp_OAGetProperty @resp, 'StatusCode', @iTmp0 OUT
    PRINT 'response status code = ' + @iTmp0

    PRINT 'response body:'
    EXEC sp_OAGetProperty @resp, 'BodyStr', @sTmp0 OUT
    PRINT @sTmp0

    EXEC @hr = sp_OADestroy @sbStringToSign
    EXEC @hr = sp_OADestroy @json
    EXEC @hr = sp_OADestroy @dt
    EXEC @hr = sp_OADestroy @crypt
    EXEC @hr = sp_OADestroy @http
    EXEC @hr = sp_OADestroy @queryParams
    EXEC @hr = sp_OADestroy @resp


END
GO