Kucoin
Invalid KC-API-SIGN when sending an order using Restful API
public void postKubiOrder(String url) { CloseableHttpClient httpclient = HttpClients.createDefault(); HttpPost httpPost = new HttpPost(url); long nowts = Calendar.getInstance().getTimeInMillis();
//Request body
JSONObject jsonObject = new JSONObject();
try {
jsonObject.put("clientOid", UUID.randomUUID().toString());
jsonObject.put("side", "sell");
jsonObject.put("size", "10");
jsonObject.put("symbol", "MAP-USDT");
jsonObject.put("type", "market");
} catch (JSONException jsonExcepton) {
System.out.println("construct post body occurred JSONException:" + jsonExcepton.getMessage());
return;
}
String signStr = String.valueOf(nowts).concat("POST" + "/api/v1/orders").concat(jsonObject.toString());
System.out.println("signStr:" + signStr);
String sha256MacStr = sha256_HMAC(signStr, KC_API_SECRET);
System.out.println("sha256MacStr:" + sha256MacStr);
String base64Str = Base64.getEncoder().encodeToString(sha256MacStr.getBytes());
System.out.println("base64Str:" + base64Str);
//request header
httpPost.addHeader("Accept", "application/json");
httpPost.addHeader("Content-Type", "application/json");
httpPost.addHeader("KC-API-PASSPHRASE", KC_API_PASSPHRASE);
httpPost.addHeader("KC-API-KEY", KC_API_KEY);
httpPost.addHeader("KC-API-TIMESTAMP", String.valueOf(nowts));
httpPost.addHeader("KC-API-SIGN", base64Str);
StringEntity strEntity = new StringEntity(jsonObject.toString(), "utf-8");
httpPost.setEntity(strEntity);
CloseableHttpResponse response = null;
try {
response = httpclient.execute(httpPost);
} catch (IOException e) {
e.printStackTrace();
}
//4.处理结果,这里将结果返回为字符串
HttpEntity entity1 = response.getEntity();
String result = null;
try {
result = EntityUtils.toString(entity1);
} catch (ParseException | IOException e) {
e.printStackTrace();
}
System.out.println("result:" + result);
// return result; }
public static void main(String[] args) { String url = "https://api.kucoin.com/api/v1/orders"; ExchangeTradeServiceImpl exchangeTradeService = new ExchangeTradeServiceImpl(); exchangeTradeService.postKubiOrder(url); }
OUTPUT for this test:
signStr:1583485900489POST/api/v1/orders{"clientOid":"b471b25d-22a3-4618-8137-74e0beff83c6","side":"sell","size":"10","symbol":"MAP-USDT","type":"market"} sha256MacStr:d55dbb1b882aac38be5353de34e049290b22a891a275b36cf9b03514ec40b4ca base64Str:ZDU1ZGJiMWI4ODJhYWMzOGJlNTM1M2RlMzRlMDQ5MjkwYjIyYTg5MWEyNzViMzZjZjliMDM1MTRlYzQwYjRjYQ== 17:11:40.530 [main] DEBUG org.apache.http.client.protocol.RequestAddCookies - CookieSpec selected: default 17:11:40.539 [main] DEBUG org.apache.http.client.protocol.RequestAuthCache - Auth cache not set in the context 17:11:40.540 [main] DEBUG org.apache.http.impl.conn.PoolingHttpClientConnectionManager - Connection request: [route: {s}->https://api.kucoin.com:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20] 17:11:40.551 [main] DEBUG org.apache.http.impl.conn.PoolingHttpClientConnectionManager - Connection leased: [id: 0][route: {s}->https://api.kucoin.com:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20] 17:11:40.552 [main] DEBUG org.apache.http.impl.execchain.MainClientExec - Opening connection {s}->https://api.kucoin.com:443 17:11:40.574 [main] DEBUG org.apache.http.impl.conn.DefaultHttpClientConnectionOperator - Connecting to api.kucoin.com/143.204.83.77:443 17:11:40.574 [main] DEBUG org.apache.http.conn.ssl.SSLConnectionSocketFactory - Connecting socket to api.kucoin.com/143.204.83.77:443 with timeout 0 17:11:40.622 [main] DEBUG org.apache.http.conn.ssl.SSLConnectionSocketFactory - Enabled protocols: [TLSv1, TLSv1.1, TLSv1.2] 17:11:40.622 [main] DEBUG org.apache.http.conn.ssl.SSLConnectionSocketFactory - Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] 17:11:40.622 [main] DEBUG org.apache.http.conn.ssl.SSLConnectionSocketFactory - Starting handshake 17:11:41.281 [main] DEBUG org.apache.http.conn.ssl.SSLConnectionSocketFactory - Secure session established 17:11:41.282 [main] DEBUG org.apache.http.conn.ssl.SSLConnectionSocketFactory - negotiated protocol: TLSv1.2 17:11:41.282 [main] DEBUG org.apache.http.conn.ssl.SSLConnectionSocketFactory - negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 17:11:41.282 [main] DEBUG org.apache.http.conn.ssl.SSLConnectionSocketFactory - peer principal: CN=.kucoin.com, OU=Domain Control Validated 17:11:41.283 [main] DEBUG org.apache.http.conn.ssl.SSLConnectionSocketFactory - peer alternative names: [.kucoin.com, kucoin.com] 17:11:41.283 [main] DEBUG org.apache.http.conn.ssl.SSLConnectionSocketFactory - issuer principal: CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US 17:11:41.291 [main] DEBUG org.apache.http.impl.conn.DefaultHttpClientConnectionOperator - Connection established 127.0.0.1:54527<->143.204.83.77:443 17:11:41.291 [main] DEBUG org.apache.http.impl.execchain.MainClientExec - Executing request POST /api/v1/orders HTTP/1.1 17:11:41.291 [main] DEBUG org.apache.http.impl.execchain.MainClientExec - Target auth state: UNCHALLENGED 17:11:41.292 [main] DEBUG org.apache.http.impl.execchain.MainClientExec - Proxy auth state: UNCHALLENGED 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> POST /api/v1/orders HTTP/1.1 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> Accept: application/json 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> Content-Type: application/json 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> KC-API-PASSPHRASE: 15810270416 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> KC-API-KEY: 5e61e5ea83dd3600087400b0 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> KC-API-TIMESTAMP: 1583485900489 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> KC-API-SIGN: ZDU1ZGJiMWI4ODJhYWMzOGJlNTM1M2RlMzRlMDQ5MjkwYjIyYTg5MWEyNzViMzZjZjliMDM1MTRlYzQwYjRjYQ== 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> Content-Length: 114 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> Host: api.kucoin.com 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> Connection: Keep-Alive 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.5 (Java/1.8.0_222) 17:11:41.294 [main] DEBUG org.apache.http.headers - http-outgoing-0 >> Accept-Encoding: gzip,deflate 17:11:41.294 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "POST /api/v1/orders HTTP/1.1[\r][\n]" 17:11:41.294 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Accept: application/json[\r][\n]" 17:11:41.294 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Content-Type: application/json[\r][\n]" 17:11:41.294 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "KC-API-PASSPHRASE: 15810270416[\r][\n]" 17:11:41.295 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "KC-API-KEY: 5e61e5ea83dd3600087400b0[\r][\n]" 17:11:41.295 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "KC-API-TIMESTAMP: 1583485900489[\r][\n]" 17:11:41.295 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "KC-API-SIGN: ZDU1ZGJiMWI4ODJhYWMzOGJlNTM1M2RlMzRlMDQ5MjkwYjIyYTg5MWEyNzViMzZjZjliMDM1MTRlYzQwYjRjYQ==[\r][\n]" 17:11:41.295 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Content-Length: 114[\r][\n]" 17:11:41.295 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Host: api.kucoin.com[\r][\n]" 17:11:41.295 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Connection: Keep-Alive[\r][\n]" 17:11:41.295 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.5.5 (Java/1.8.0_222)[\r][\n]" 17:11:41.295 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Accept-Encoding: gzip,deflate[\r][\n]" 17:11:41.295 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "[\r][\n]" 17:11:41.295 [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "{"clientOid":"b471b25d-22a3-4618-8137-74e0beff83c6","side":"sell","size":"10","symbol":"MAP-USDT","type":"market"}" 17:11:41.428 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "HTTP/1.1 401 [\r][\n]" 17:11:41.428 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Content-Type: application/json;charset=UTF-8[\r][\n]" 17:11:41.428 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Transfer-Encoding: chunked[\r][\n]" 17:11:41.428 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Connection: keep-alive[\r][\n]" 17:11:41.428 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Date: Fri, 06 Mar 2020 09:12:20 GMT[\r][\n]" 17:11:41.428 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Set-Cookie: AWSALB=NV3WC/xzTErLkWmsKVBp//u5G3Cc2V6Mu3M98C5/Fs00V9ia9LJNauuAnxz6fQS1LRqTKUrXI8VFT2GXfU7uCZ/CFgShyOLzcTjmNpuAKH5KoRCO/Y/Z2tdQ8WO/; Expires=Fri, 13 Mar 2020 09:12:20 GMT; Path=/[\r][\n]" 17:11:41.428 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Set-Cookie: AWSALBCORS=NV3WC/xzTErLkWmsKVBp//u5G3Cc2V6Mu3M98C5/Fs00V9ia9LJNauuAnxz6fQS1LRqTKUrXI8VFT2GXfU7uCZ/CFgShyOLzcTjmNpuAKH5KoRCO/Y/Z2tdQ8WO/; Expires=Fri, 13 Mar 2020 09:12:20 GMT; Path=/; SameSite=None; Secure[\r][\n]" 17:11:41.428 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "code: 400005[\r][\n]" 17:11:41.428 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "X-TRACE-ID: 56796fc36557f64c[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "X-Content-Type-Options: nosniff[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "X-XSS-Protection: 1; mode=block[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Cache-Control: no-cache, no-store, max-age=0, must-revalidate[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Expires: 0[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "X-Frame-Options: DENY[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Server: -[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "X-Cache: Error from cloudfront[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Via: 1.1 390641c56ef5ff8b95f0703aa85527fb.cloudfront.net (CloudFront)[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "X-Amz-Cf-Pop: NRT12-C2[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "X-Amz-Cf-Id: Xt8gnmjtK0ZlplPzlLy1MA9paGFVmHYsU3ipXjik1b0NLjgBypxe7g==[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "[\r][\n]" 17:11:41.429 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "2d[\r][\n]" 17:11:41.430 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "{"code":"400005","msg":"Invalid KC-API-SIGN"}[\r][\n]" 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << HTTP/1.1 401 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << Content-Type: application/json;charset=UTF-8 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << Transfer-Encoding: chunked 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << Connection: keep-alive 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << Date: Fri, 06 Mar 2020 09:12:20 GMT 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << Set-Cookie: AWSALB=NV3WC/xzTErLkWmsKVBp//u5G3Cc2V6Mu3M98C5/Fs00V9ia9LJNauuAnxz6fQS1LRqTKUrXI8VFT2GXfU7uCZ/CFgShyOLzcTjmNpuAKH5KoRCO/Y/Z2tdQ8WO/; Expires=Fri, 13 Mar 2020 09:12:20 GMT; Path=/ 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << Set-Cookie: AWSALBCORS=NV3WC/xzTErLkWmsKVBp//u5G3Cc2V6Mu3M98C5/Fs00V9ia9LJNauuAnxz6fQS1LRqTKUrXI8VFT2GXfU7uCZ/CFgShyOLzcTjmNpuAKH5KoRCO/Y/Z2tdQ8WO/; Expires=Fri, 13 Mar 2020 09:12:20 GMT; Path=/; SameSite=None; Secure 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << code: 400005 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << X-TRACE-ID: 56796fc36557f64c 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << X-Content-Type-Options: nosniff 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << X-XSS-Protection: 1; mode=block 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << Cache-Control: no-cache, no-store, max-age=0, must-revalidate 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << Expires: 0 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << X-Frame-Options: DENY 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << Server: - 17:11:41.433 [main] DEBUG org.apache.http.headers - http-outgoing-0 << X-Cache: Error from cloudfront 17:11:41.434 [main] DEBUG org.apache.http.headers - http-outgoing-0 << Via: 1.1 390641c56ef5ff8b95f0703aa85527fb.cloudfront.net (CloudFront) 17:11:41.434 [main] DEBUG org.apache.http.headers - http-outgoing-0 << X-Amz-Cf-Pop: NRT12-C2 17:11:41.434 [main] DEBUG org.apache.http.headers - http-outgoing-0 << X-Amz-Cf-Id: Xt8gnmjtK0ZlplPzlLy1MA9paGFVmHYsU3ipXjik1b0NLjgBypxe7g== 17:11:41.438 [main] DEBUG org.apache.http.impl.execchain.MainClientExec - Connection can be kept alive indefinitely 17:11:41.438 [main] DEBUG org.apache.http.impl.auth.HttpAuthenticator - Authentication required 17:11:41.438 [main] DEBUG org.apache.http.impl.auth.HttpAuthenticator - api.kucoin.com:443 requested authentication 17:11:41.438 [main] DEBUG org.apache.http.impl.auth.HttpAuthenticator - Response contains no authentication challenges 17:11:41.444 [main] WARN org.apache.http.client.protocol.ResponseProcessCookies - Invalid cookie header: "Set-Cookie: AWSALB=NV3WC/xzTErLkWmsKVBp//u5G3Cc2V6Mu3M98C5/Fs00V9ia9LJNauuAnxz6fQS1LRqTKUrXI8VFT2GXfU7uCZ/CFgShyOLzcTjmNpuAKH5KoRCO/Y/Z2tdQ8WO/; Expires=Fri, 13 Mar 2020 09:12:20 GMT; Path=/". Invalid 'expires' attribute: Fri, 13 Mar 2020 09:12:20 GMT 17:11:41.444 [main] WARN org.apache.http.client.protocol.ResponseProcessCookies - Invalid cookie header: "Set-Cookie: AWSALBCORS=NV3WC/xzTErLkWmsKVBp//u5G3Cc2V6Mu3M98C5/Fs00V9ia9LJNauuAnxz6fQS1LRqTKUrXI8VFT2GXfU7uCZ/CFgShyOLzcTjmNpuAKH5KoRCO/Y/Z2tdQ8WO/; Expires=Fri, 13 Mar 2020 09:12:20 GMT; Path=/; SameSite=None; Secure". Invalid 'expires' attribute: Fri, 13 Mar 2020 09:12:20 GMT 17:11:41.445 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "0[\r][\n]" 17:11:41.445 [main] DEBUG org.apache.http.wire - http-outgoing-0 << "[\r][\n]" 17:11:41.445 [main] DEBUG org.apache.http.impl.conn.PoolingHttpClientConnectionManager - Connection [id: 0][route: {s}->https://api.kucoin.com:443] can be kept alive indefinitely 17:11:41.445 [main] DEBUG org.apache.http.impl.conn.DefaultManagedHttpClientConnection - http-outgoing-0: set socket timeout to 0 17:11:41.445 [main] DEBUG org.apache.http.impl.conn.PoolingHttpClientConnectionManager - Connection released: [id: 0][route: {s}->https://api.kucoin.com:443][total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 20] result:{"code":"400005","msg":"Invalid KC-API-SIGN"}
Process finished with exit code 0
