Difference between revisions of "MtGox/API/HTTP"
(Create) |
(Creation) |
||
Line 3: | Line 3: | ||
* [[MtGox/API/HTTP/v0|Version 0]] | * [[MtGox/API/HTTP/v0|Version 0]] | ||
* [[MtGox/API/HTTP/v1|Version 1]] | * [[MtGox/API/HTTP/v1|Version 1]] | ||
+ | |||
+ | All HTTP API requests are sent to URLs beginning with<nowiki>https://mtgox.com/api/*</nowiki>. It allows placing orders, performing withdrawls, deposits, and other things. | ||
+ | |||
+ | There is a [https://rubygems.org/gems/mtgox|Ruby gem] and a [[Finance::MtGox|Perl module]] available for interacting with the HTTP API. | ||
+ | |||
+ | === Authentication === | ||
+ | |||
+ | |||
+ | Authentication is performed by signing each request using HMAC-SHA512. The request must contain an extra value "nonce" which must be an always incrementing numeric value. A reference implementation is provided here: | ||
+ | <source lang="php"> | ||
+ | <?php | ||
+ | |||
+ | function mtgox_query($path, array $req = array()) { | ||
+ | // API settings | ||
+ | $key = ''; | ||
+ | $secret = ''; | ||
+ | |||
+ | // generate a nonce as microtime, with as-string handling to avoid problems with 32bits systems | ||
+ | $mt = explode(' ', microtime()); | ||
+ | $req['nonce'] = $mt[1].substr($mt[0], 2, 6); | ||
+ | |||
+ | // generate the POST data string | ||
+ | $post_data = http_build_query($req, '', '&'); | ||
+ | |||
+ | // generate the extra headers | ||
+ | $headers = array( | ||
+ | 'Rest-Key: '.$key, | ||
+ | 'Rest-Sign: '.base64_encode(hash_hmac('sha512', $post_data, base64_decode($secret), true)), | ||
+ | ); | ||
+ | |||
+ | // our curl handle (initialize if required) | ||
+ | static $ch = null; | ||
+ | if (is_null($ch)) { | ||
+ | $ch = curl_init(); | ||
+ | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | ||
+ | curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MtGox PHP client; '.php_uname('s').'; PHP/'.phpversion().')'); | ||
+ | } | ||
+ | curl_setopt($ch, CURLOPT_URL, 'https://mtgox.com/api/'.$path); | ||
+ | curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data); | ||
+ | curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); | ||
+ | curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); | ||
+ | |||
+ | // run the query | ||
+ | $res = curl_exec($ch); | ||
+ | if ($res === false) throw new Exception('Could not get reply: '.curl_error($ch)); | ||
+ | $dec = json_decode($res, true); | ||
+ | if (!$dec) throw new Exception('Invalid data received, please make sure connection is working and requested API exists'); | ||
+ | return $dec; | ||
+ | } | ||
+ | |||
+ | // example 1: get infos about the account, plus the list of rights we have access to | ||
+ | var_dump(mtgox_query('0/info.php')); | ||
+ | |||
+ | // old api (get funds) | ||
+ | var_dump(mtgox_query('0/getFunds.php')); | ||
+ | |||
+ | // trade example | ||
+ | // var_dump(mtgox_query('0/buyBTC.php', array('amount' => 1, 'price' => 15))); | ||
+ | </source> | ||
+ | |||
+ | Python version here: https://bitcointalk.org/index.php?topic=49789.msg592388#msg592388 | ||
+ | |||
+ | === Cache === | ||
+ | |||
+ | All of the API methods below have cached results, ticker, depth . . . have a 10 seconds cache . | ||
+ | No need to poll more often, you wont have more results, you could just be blocked by the prolexic anti ddos features. |
Revision as of 12:47, 28 February 2012
Two versions of the HTTP API are currently available:
All HTTP API requests are sent to URLs beginning withhttps://mtgox.com/api/*. It allows placing orders, performing withdrawls, deposits, and other things.
There is a gem and a Perl module available for interacting with the HTTP API.
Authentication
Authentication is performed by signing each request using HMAC-SHA512. The request must contain an extra value "nonce" which must be an always incrementing numeric value. A reference implementation is provided here:
<?php
function mtgox_query($path, array $req = array()) {
// API settings
$key = '';
$secret = '';
// generate a nonce as microtime, with as-string handling to avoid problems with 32bits systems
$mt = explode(' ', microtime());
$req['nonce'] = $mt[1].substr($mt[0], 2, 6);
// generate the POST data string
$post_data = http_build_query($req, '', '&');
// generate the extra headers
$headers = array(
'Rest-Key: '.$key,
'Rest-Sign: '.base64_encode(hash_hmac('sha512', $post_data, base64_decode($secret), true)),
);
// our curl handle (initialize if required)
static $ch = null;
if (is_null($ch)) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MtGox PHP client; '.php_uname('s').'; PHP/'.phpversion().')');
}
curl_setopt($ch, CURLOPT_URL, 'https://mtgox.com/api/'.$path);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
// run the query
$res = curl_exec($ch);
if ($res === false) throw new Exception('Could not get reply: '.curl_error($ch));
$dec = json_decode($res, true);
if (!$dec) throw new Exception('Invalid data received, please make sure connection is working and requested API exists');
return $dec;
}
// example 1: get infos about the account, plus the list of rights we have access to
var_dump(mtgox_query('0/info.php'));
// old api (get funds)
var_dump(mtgox_query('0/getFunds.php'));
// trade example
// var_dump(mtgox_query('0/buyBTC.php', array('amount' => 1, 'price' => 15)));
Python version here: https://bitcointalk.org/index.php?topic=49789.msg592388#msg592388
Cache
All of the API methods below have cached results, ticker, depth . . . have a 10 seconds cache . No need to poll more often, you wont have more results, you could just be blocked by the prolexic anti ddos features.