Difference between revisions of "MtGox/API/HTTP"

From Bitcoin Wiki
Jump to: navigation, search
(Add info on response format)
(Summary)
Line 6: Line 6:
 
== Summary ==
 
== Summary ==
  
All HTTP API requests are sent to URLs beginning with<nowiki>https://mtgox.com/api/*</nowiki>. It allows placing orders, performing withdrawls, deposits, and other things. All responses are in [http://json.org/ JSON] format.
+
All HTTP API requests are sent to URLs beginning with <nowiki>https://mtgox.com/api/*</nowiki>. It allows placing orders, performing withdrawls, deposits, and other things. All responses are in [http://json.org/ JSON] format.
  
 
There is a [https://rubygems.org/gems/mtgox Ruby gem] and a [[Finance::MtGox|Perl module]] available for interacting with the HTTP API.
 
There is a [https://rubygems.org/gems/mtgox Ruby gem] and a [[Finance::MtGox|Perl module]] available for interacting with the HTTP API.

Revision as of 13:21, 28 February 2012

Two versions of the HTTP API are currently available, see the following pages for details on the methods available for each:

Summary

All HTTP API requests are sent to URLs beginning with https://mtgox.com/api/*. It allows placing orders, performing withdrawls, deposits, and other things. All responses are in JSON format.

There is a Ruby gem and a Perl module available for interacting with the HTTP API.

Cache

All API methods are cached for 10 seconds. Do not request results more often than that, you might be blocked by the anti-DDoS filters.

Authentication

Authentication is performed by signing each request using HMAC-SHA512. The request must contain an extra value "nonce" which must be an always incrementing numeric value. A reference implementation is provided here:

<?php

function mtgox_query($path, array $req = array()) {
	// API settings
	$key = '';
	$secret = '';

	// generate a nonce as microtime, with as-string handling to avoid problems with 32bits systems
	$mt = explode(' ', microtime());
	$req['nonce'] = $mt[1].substr($mt[0], 2, 6);

	// generate the POST data string
	$post_data = http_build_query($req, '', '&');

	// generate the extra headers
	$headers = array(
		'Rest-Key: '.$key,
		'Rest-Sign: '.base64_encode(hash_hmac('sha512', $post_data, base64_decode($secret), true)),
	);

	// our curl handle (initialize if required)
	static $ch = null;
	if (is_null($ch)) {
		$ch = curl_init();
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
		curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MtGox PHP client; '.php_uname('s').'; PHP/'.phpversion().')');
	}
	curl_setopt($ch, CURLOPT_URL, 'https://mtgox.com/api/'.$path);
	curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
	curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

	// run the query
	$res = curl_exec($ch);
	if ($res === false) throw new Exception('Could not get reply: '.curl_error($ch));
	$dec = json_decode($res, true);
	if (!$dec) throw new Exception('Invalid data received, please make sure connection is working and requested API exists');
	return $dec;
}

// example 1: get infos about the account, plus the list of rights we have access to
var_dump(mtgox_query('0/info.php'));

// old api (get funds)
var_dump(mtgox_query('0/getFunds.php'));

// trade example
// var_dump(mtgox_query('0/buyBTC.php', array('amount' => 1, 'price' => 15)));

Python version here: https://bitcointalk.org/index.php?topic=49789.msg592388#msg592388