Curl- > http req

Hi there,

I've seen the following issue raised by others, but haven't been able to solve it. I need to replicate the following CURL in node-red. This was set up for testing in "postman" - it works (not sure if the header cookie is relevant, it only appeared after several test runs) .

curl --location -g --request POST 'https://api.3commas.io/public/api/v2/smart_trades?account_id=31430770&pair=USDT_BTC&instant=true&position[type]=buy&position[units][value]=0.01&position[order_type]=market' \
--header 'APIKEY: 6085eafd6d494d43b3aa5997d8bd2c1f3beeba7b4c2a419e8d74c7f2d3d0ebaa' \
--header 'Signature: f0d2ff4e8fdd73e193d2aa8f8e719c382b4506855dd5cbd8daf96d11ceeb98a0' \
--header 'Cookie: _mkra_stck=pg%3A1642104837.4985697' \
--data-raw ''

Tried HTTP Request, Function, Change Node configs - I keep getting "bad signature" response because likely there is some variation in the msg load (which is not matching the signature) ...

the signature is HMAC-SHA256 generated using url "/public/api/v2/smart_trades?account_id=31430770&pair=USDT_BTC&instant=true&position[type]=buy&position[units][value]=0.01&position[order_type]=market" and secret key.

So somehow the curl needs to be replicated identically.
Thank you!!

Untested but something like this should work.

[{"id":"d17a881.81b99f8","type":"inject","z":"c791cbc0.84f648","name":"","props":[{"p":"payload"},{"p":"topic","vt":"str"}],"repeat":"","crontab":"","once":false,"onceDelay":0.1,"topic":"","payload":"","payloadType":"date","x":130,"y":860,"wires":[["1f1d03c2.eb22dc"]]},{"id":"1f1d03c2.eb22dc","type":"function","z":"c791cbc0.84f648","name":"","func":"msg.method = \"POST\" \nmsg.url = 'https://api.3commas.io/public/api/v2/smart_trades?account_id=$1430770&pair=USDT_BTC&instant=true&position[type]=buy&position[units][value]=0.01&position[order_type]=market'\n\nmsg.headers ={\n    \"APIKEY\": \"6085eafd6d494d43b3aa5997d8bd2c1f3beeba7b4c2a419e8d74c7f2d3d0eba$\",              \n    \"Signature\": \"f0d2ff4e8fdd73e193d2aa8f8e719c382b4506855dd5cbd8daf96d11ceeb98a0\",\n    \"Cookie\": \"_mkra_stck=pg%3A1642104837.4985697\"\n}\nmsg.payload = ''\nreturn msg;","outputs":1,"noerr":0,"initialize":"","finalize":"","x":290,"y":860,"wires":[["112114bd.3f7bf3"]]},{"id":"112114bd.3f7bf3","type":"http request","z":"c791cbc0.84f648","name":"","method":"use","ret":"txt","paytoqs":"ignore","url":"","tls":"","persist":false,"proxy":"","authType":"","x":470,"y":860,"wires":[["c4f45a89.bcb1d8"]]},{"id":"c4f45a89.bcb1d8","type":"debug","z":"c791cbc0.84f648","name":"","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"false","statusVal":"","statusType":"auto","x":680,"y":860,"wires":[]}]

Thanks, but unfortunately still "{"error":"signature_invalid","error_description":"Provided signature is invalid"}". Here are some code variations from Postman (not sure if it offers any further clues)

CURL

curl --location -g --request POST 'https://api.3commas.io/public/api/v2/smart_trades?account_id=31430770&pair=USDT_BTC&instant=true&position[type]=buy&position[units][value]=0.01&position[order_type]=market' \
--header 'APIKEY: 6085eafd6d494d43b3aa5997d8bd2c1f3beeba7b4c2a419e8d74c7f2d3d0ebaa' \
--header 'Signature: f0d2ff4e8fdd73e193d2aa8f8e719c382b4506855dd5cbd8daf96d11ceeb98a0' \
--header 'Cookie: _mkra_stck=pg%3A1642107911.611406' \
--data-raw ''

HTTP

POST /public/api/v2/smart_trades?account_id=31430770&pair=USDT_BTC&instant=true&position[type]=buy&position[units][value]=0.01&position[order_type]=market HTTP/1.1
Host: api.3commas.io
APIKEY: 6085eafd6d494d43b3aa5997d8bd2c1f3beeba7b4c2a419e8d74c7f2d3d0ebaa
Signature: f0d2ff4e8fdd73e193d2aa8f8e719c382b4506855dd5cbd8daf96d11ceeb98a0
Cookie: _mkra_stck=pg%3A1642107911.611406

JavaScript - jQuery

var settings = {
  "url": "https://api.3commas.io/public/api/v2/smart_trades?account_id=31430770&pair=USDT_BTC&instant=true&position[type]=buy&position[units][value]=0.01&position[order_type]=market",
  "method": "POST",
  "timeout": 0,
  "headers": {
    "APIKEY": "6085eafd6d494d43b3aa5997d8bd2c1f3beeba7b4c2a419e8d74c7f2d3d0ebaa",
    "Signature": "f0d2ff4e8fdd73e193d2aa8f8e719c382b4506855dd5cbd8daf96d11ceeb98a0",
    "Cookie": "_mkra_stck=pg%3A1642107911.611406"
  },
};

$.ajax(settings).done(function (response) {
  console.log(response);
});

NodeJs - Native

var https = require('follow-redirects').https;
var fs = require('fs');

var options = {
  'method': 'POST',
  'hostname': 'api.3commas.io',
  'path': '/public/api/v2/smart_trades?account_id=31430770&pair=USDT_BTC&instant=true&position%5Btype%5D=buy&position%5Bunits%5D%5Bvalue%5D=0.01&position%5Border_type%5D=market',
  'headers': {
    'APIKEY': '6085eafd6d494d43b3aa5997d8bd2c1f3beeba7b4c2a419e8d74c7f2d3d0ebaa',
    'Signature': 'f0d2ff4e8fdd73e193d2aa8f8e719c382b4506855dd5cbd8daf96d11ceeb98a0',
    'Cookie': '_mkra_stck=pg%3A1642107911.611406'
  },
  'maxRedirects': 20
};

var req = https.request(options, function (res) {
  var chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function (chunk) {
    var body = Buffer.concat(chunks);
    console.log(body.toString());
  });

  res.on("error", function (error) {
    console.error(error);
  });
});

req.end();

That suggest the signature is invalid, how did you get the signature?
Is there any documentation on the API?

There was a typo in the account ID - it works - thank you!

3Commas documentation mentions that their API has been implemented in NodeJS (3commas-api-node - npm) and TypeScript (3commas-typescript - npm) wrappers. It seems that the signature generation may be handled internally, which would make life a lot easier (than having to do in in Node Red). Can those be accessed within Node-Red?

You can use external modules. here is the docs
https://nodered.org/docs/user-guide/writing-functions#loading-additional-modules