0

In my application, I use the async/await logic for working with an API.

The problem is I can’t figure out why the check() function works with no hassle:

const KEY    = 'my key';
const SECRET = 'my secret';

function getSign(form) {
  return crypto.createHmac('sha512', SECRET).update(form).digest('hex').toString();
}

async function check() {
  let form    = {};
  let header  = {'Content-Type':'application/x-www-form-urlencoded'};
  header.KEY  = KEY;
  header.SIGN = await getSign(querystring.stringify(form));

  // Checking the state (works)!
  let info = await fetch(API_TRADE_URL + OPENORDERS_URL, { method:'POST', headers:header, form:form })
      info = info.json();

  return info;
}

… while the placeOrder() function fails and the API sends a message there is a problem with KEY/SECRET (Invalid data):

async function placeOrder ( currencyPair, rate, amount ) {
  let form     = { 'currencyPair':currencyPair, 'rate':rate, 'amount':amount };
  let header   = {};
  header.KEY   = KEY;
  header.SIGN  = getSign(querystring.stringify(form));

  // Here I am placing the order (does not work!)
  let orderRes = await fetch(API_TRADE_URL + BUY_URL, { method:'POST', headers:header, form:form } );
      orderRes = orderRes.json();
  return orderRes;
}

I was suspicious about the KEY/SECRET pair or the getSign() function but the buy() function (based on Node’s request) provided as a demo on the API’s site (the function which I am trying to mimic) works as expected:

function buy(currencyPair, rate, amount, cp) {
   let form = {'currencyPair':currencyPair,'rate':rate,'amount':amount};
   let header = {};
   header.KEY = KEY;
   header.SIGN = getSign(querystring.stringify(form));

   // Here I am placing the order (works!)
   Request({method: 'POST', url: API_TRADE_URL + BUY_URL, headers: header, form:form }, function (res) { console.log(res) });
 }

The important thing here is I don’t want to use the buy() function because I need to work without callbacks here. I use the same data, the same logic (working in the check() function mentioned above) but it fails in the case of the placeOrder function.

Honza Hejzl
  • 874
  • 8
  • 23
  • 1
    it would help to know what third party your trying to access so we can read it's documentation. – Darkrum Apr 08 '18 at 14:34
  • What status code are you getting on placeOrder?, 400 or 401/403?. It's hard for us to help you if we can't reproduce the error, since we don't know what API you're using. – Marcos Casagrande Apr 08 '18 at 14:37
  • Thank you! [Here](https://gate.io/api2) is the API docs. [Here](https://gate.io/api2) is the demo. As for the status code, the API responds with 200, but it rejects my logging information as `Invalid data`. – Honza Hejzl Apr 08 '18 at 14:46
  • what logging information? Show where you're getting 'Invalid data'. If the API response with 200, I doubt the fetch isn't working. – Marcos Casagrande Apr 08 '18 at 16:16
  • Oh, I guess I’d better say credentials or so. Key/secret encoded by the `getSign` function. It seems the API rejects this peice of information. In the case of the `check` function it accepts them. I send the request, the API responds succesfully but does not accept the credentials (the cipher) but it should as it does if I use the Request method. – Honza Hejzl Apr 08 '18 at 16:28

0 Answers0