(VBScript) ShippingEasy.com Calculate Signature for API Authentication

Demonstrates how to calculate the shippingeasy.com API signature for authenticating requests.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

Dim fso, outFile
Set fso = CreateObject("Scripting.FileSystemObject")
'Create a Unicode (utf-16) output text file.
Set outFile = fso.CreateTextFile("output.txt", True, True)

' This example requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

' 
' First, concatenate these into a plaintext string using the following order:
' 
'     Capitilized method of the request. E.g. "POST"
'     The URI path
'     The query parameters sorted alphabetically and concatenated together into a URL friendly format: param1=ABC&param2=XYZ
'     The request body as a string if one exists
'     All parts are then concatenated together with an ampersand. The result resembles something like this:
' 
' "POST&/partners/api/accounts&api_key=f9a7c8ebdfd34beaf260d9b0296c7059&api_timestamp=1401803554&{ ... request body ... }"

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.StringBuilder")
set sbStringToSign = CreateObject("Chilkat.StringBuilder")

httpVerb = "POST"
uriPath = "/partners/api/accounts"
queryParamsStr = "api_key=YOUR_API_KEY&api_timestamp=UNIX_EPOCH_TIMESTAMP"

' Build the following JSON that will be the body of the request:

' {
'   "account": {
'     "first_name": "Coralie",
'     "last_name": "Waelchi",
'     "company_name": "Hegmann, Cremin and Bradtke",
'     "email": "se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com",
'     "phone_number": "1-381-014-3358",
'     "address": "2476 Flo Inlet",
'     "address2": "",
'     "state": "SC",
'     "city": "North Dennis",
'     "postal_code": "29805",
'     "country": "USA",
'     "password": "abc123",
'     "subscription_plan_code": "starter"
'   }
' }

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.JsonObject")
set json = CreateObject("Chilkat.JsonObject")
success = json.UpdateString("account.first_name","Coralie")
success = json.UpdateString("account.last_name","Waelchi")
success = json.UpdateString("account.company_name","Hegmann, Cremin and Bradtke")
success = json.UpdateString("account.email","se_greg_6d477b1e59e8ff24abadfb59d3a2de3e@shippingeasy.com")
success = json.UpdateString("account.phone_number","1-381-014-3358")
success = json.UpdateString("account.address","2476 Flo Inlet")
success = json.UpdateString("account.address2","")
success = json.UpdateString("account.state","SC")
success = json.UpdateString("account.city","North Dennis")
success = json.UpdateString("account.postal_code","29805")
success = json.UpdateString("account.country","USA")
success = json.UpdateString("account.password","abc123")
success = json.UpdateString("account.subscription_plan_code","starter")

json.EmitCompact = 0
outFile.WriteLine(json.Emit())

' First, let's get the current date/time in the Unix Epoch Timestamp format (which is just an integer)
' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.CkDateTime")
set dt = CreateObject("Chilkat.CkDateTime")
success = dt.SetFromCurrentSystemTime()
' Get the UTC time.
bLocalTime = 0
unixEpochTimestamp = dt.GetAsUnixTimeStr(bLocalTime)

' Build the string to sign:
success = sbStringToSign.Append(httpVerb)
success = sbStringToSign.Append("&")
success = sbStringToSign.Append(uriPath)
success = sbStringToSign.Append("&")
success = sbStringToSign.Append(queryParamsStr)
success = sbStringToSign.Append("&")
' Make sure to send the JSON body of a request in compact form..
json.EmitCompact = 1
success = sbStringToSign.Append(json.Emit())

' Use your API key here:
your_api_key = "f9a7c8ebdfd34beaf260d9b0296c7059"

numReplaced = sbStringToSign.Replace("YOUR_API_KEY",your_api_key)
numReplaced = sbStringToSign.Replace("UNIX_EPOCH_TIMESTAMP",unixEpochTimestamp)

' Do the HMAC-SHA256 with your API secret:
your_api_secret = "ea210785fa4656af03c2e4ffcc2e7b5fc19f1fba577d137905cc97e74e1df53d"
' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Crypt2")
set crypt = CreateObject("Chilkat.Crypt2")
crypt.MacAlgorithm = "hmac"
crypt.EncodingMode = "hexlower"
success = crypt.SetMacKeyString(your_api_secret)
crypt.HashAlgorithm = "sha256"

api_signature = crypt.MacStringENC(sbStringToSign.GetAsString())
outFile.WriteLine("api_signature: " & api_signature)

' --------------------------------------------------------------------
' Here's an example showing how to use the signature in a request:

' Build a new string-to-sign and create a new api_signature for the actual request we'll be sending...
sbStringToSign.Clear 
success = sbStringToSign.Append("GET")
success = sbStringToSign.Append("&")
success = sbStringToSign.Append("/app.shippingeasy.com/api/orders")
success = sbStringToSign.Append("&")
success = sbStringToSign.Append(queryParamsStr)
success = sbStringToSign.Append("&")
' There is no body for a GET request.

api_signature = crypt.MacStringENC(sbStringToSign.GetAsString())

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Http")
set http = CreateObject("Chilkat.Http")
' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.JsonObject")
set queryParams = CreateObject("Chilkat.JsonObject")

success = queryParams.UpdateString("api_signature",api_signature)
success = queryParams.UpdateString("api_timestamp",unixEpochTimestamp)
success = queryParams.UpdateString("api_key",your_api_key)

' resp is a Chilkat.HttpResponse
Set resp = http.QuickRequestParams("GET","https://app.shippingeasy.com/api/orders",queryParams)
If (http.LastMethodSuccess = 0) Then
    outFile.WriteLine(http.LastErrorText)
    WScript.Quit
End If

outFile.WriteLine("response status code = " & resp.StatusCode)
outFile.WriteLine("response body:")
outFile.WriteLine(resp.BodyStr)


outFile.Close