ShopSite Forums

[mark.qbsdkprogrammer]

I am working on an integration with ShopSite.com. The sample code given is in PHP code
I don't know PHP, but I have tried and successfully generated the access_token (Step 1) using C#.Net
I am trying to download the orders and got this error

{ "error": "access_denied", "error_description": "client and server signatures do not match" }

Below is my code

string DownloadOrders()
{
Random random = new Random();
string secretKey = "D054-134B-9959-3FB2";
string token = "MTY0NzUwMTIyOHx3b29kcGFydHN8NnxGaXNoYm93bHw3NzF8";
string downloadUrl = "https://www.example.com/cgi-woodparts/sb/db_xml.cgi";
string port = "443";
string urlPath = "/cgi-woodparts/sb/db_xml.cgi";
string nonce = random.Next(123400, 9999999).ToString();
Int32 unixTimestamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;

StringBuilder signatureBuilder = new StringBuilder();
signatureBuilder.Append(token).Append(Environment.NewLine);
signatureBuilder.Append(unixTimestamp).Append(Environment.NewLine);
signatureBuilder.Append(nonce).Append(Environment.NewLine);
signatureBuilder.Append(Environment.NewLine);
signatureBuilder.Append("POST").Append(Environment.NewLine);
Uri myUri = new Uri(downloadUrl);
string domain = myUri.Host;
signatureBuilder.Append(domain).Append(Environment.NewLine);
signatureBuilder.Append(port).Append(Environment.NewLine);
signatureBuilder.Append(urlPath).Append(Environment.NewLine);
signatureBuilder.Append("clientApp=1").Append(Environment.NewLine);
signatureBuilder.Append("dbname=orders").Append(Environment.NewLine);
signatureBuilder.Append("startdate=11%2F01%2F2021").Append(Environment.NewLine);
signatureBuilder.Append("version=14.0").Append(Environment.NewLine);

string sSign = signatureBuilder.ToString();
string signature = GetHMAC(sSign, secretKey);

string orderUrl = downloadUrl;
var client = new RestClient(orderUrl);
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request.AddParameter("token", token);
request.AddParameter("timestamp", unixTimestamp);
request.AddParameter("nonce", nonce);
request.AddParameter("signature", signature);

request.AddParameter("clientApp", "1");
request.AddParameter("dbname", "orders");
request.AddParameter("startdate", "11%2F01%2F2020");
request.AddParameter("version", "14.0");

var response = client.Execute(request);
return response.Content;
}

Please let me know what I am doing wrong. If someone can give me a code example of "signature" part in C# code, that will also help me.

Thanks in advance.
Mark

[cyoung]

You can compare the values from a successful PHP request with what your C# is making. The main errors usually happen in the HMAC. The HMAC should generate a list of numeric bytes which are then Base64 encoded. Most newer languages will normally return a Base16 encoded string for the HMAC. You can investigate the GetHMAC function to make sure the HMAC is Base64 encoded. It should also use SHA-1.

Other than that you can compare the values your code makes with specific values with the ones that are generated by a successful PHP request.


Are you familiar with Postman? (API(application programming interface) development tool which helps to build, test and modify APIs.)

[mark.qbsdkprogrammer]

This is resolved. The startDate parameter was causing the issue.
My client has agreed to use the Start order number parameter. Now the program is working just fine.

Thanks.