Binance API Signature with Google Scripts

Question

I am stuck on how to correctlly include the signitue into my get command based off of the Binance API within Google Scripts. What it states is

SIGNED endpoints require an additional parameter, signature, to be sent in the query string or request body. Endpoints use HMAC SHA256 signatures. The HMAC SHA256 signature is a keyed HMAC SHA256 operation. Use your secretKey as the key and totalParams as the value for the HMAC operation. The signature is not case sensitive. totalParams is defined as the query string concatenated with the request body.

What I have is:

function BinanceTrades() {
  var curTime = Number(new Date().getTime()).toFixed(0)
  var sKey = Utilities.computeHmacSha256Signature('symbol=LTCBTC&timestamp=' + curTime, '**mySeceretKey**');
  Logger.log(sKey)
  var headers = {'X-MBX-APIKEY': '**myKey**'}
  var data = UrlFetchApp.fetch("https://api.binance.com/api/v3/allOrders?signature=" + sKey + "&symbol=LTCBTC&timestamp=" + curTime, {'headers' : headers})
  Logger.log(data)
}

and the error I get is:

{"code":-1100,"msg":"Illegal characters found in parameter 'signature'; legal range is '^[A-Fa-f0-9]{64}$'."}

I am unsure of how to compute the HMAC SHA256 correctly and incorporate the totalParams.

My previous post was this.

score 7 · Accepted Answer · answered Jan 10 '18 at 22:45

How about these modifications?

Modification points :

From the manual you provided

In your case, the string which is used for the signature is "symbol=LTCBTC&timestamp=" + curTime.
The signature is the string of the unsigned hexadecimal.
- But at Google Apps Script, the data which was encrypted by Utilities.computeHmacSha256Signature() is the bytes array of the signed hexadecimal.

The modified script which reflected above points is as follows.

Modified script :

function BinanceTrades() {
  var key = '**myKey**';
  var secret = '**mySeceretKey**';

  var curTime = Number(new Date().getTime()).toFixed(0);
  var string = "symbol=LTCBTC&timestamp=" + curTime;
  var sKey = Utilities.computeHmacSha256Signature(string, secret);
  sKey = sKey.map(function(e) {
      var v = (e < 0 ? e + 256 : e).toString(16);
      return v.length == 1 ? "0" + v : v;
  }).join("");
  var params = {
    'method': 'get',
    'headers': {'X-MBX-APIKEY': key},
    'muteHttpExceptions': true
  };
  var url = "https://api.binance.com/api/v3/allOrders?" + string + "&signature=" + sKey;
  var data = UrlFetchApp.fetch(url, params);
  Logger.log(data.getContentText())
}

Note :

About the encryption of signature, it has already confirmed that this script works fine from the manual you provided.
I have no account for binance.com. So I couldn't run this script. I'm sorry.
- When you run this script, if the error occurs, can you show me the error messages?

Thank you, This runs and looks to pull the data that I needed. — Kayracer, Jan 11 '18 at 16:50
@Kayracer Welcome. I could study from your question. Thank you, too. — Tanaike, Jan 11 '18 at 21:55
Thank you for this, really, saved me a lot of time and trouble someone having already figured this out. — Mark Kramer, Feb 26 '18 at 20:08
@Mark Kramer I'm glad your issue was solved. Thank you for your comment! — Tanaike, Feb 26 '18 at 22:11

Binance API Signature with Google Scripts

1 Answers1

Modification points :

Modified script :

Note :

Linked