Is the Mt Gox POST API working? [SOLVED]

[SlipperySlope]

I am developing a Java API for Mt Gox.  I have the GET methods working fine, i.e.

Ticker Data:   https://mtgox.com/code/data/ticker.php

But I get {"error":"Must be logged in"} when testing from Java.  I can see all the details of the HTTPS communication using the curl utility on linux, which gets the same error message ...

Code:

curl -v -k --referer http://bitcoin.org --cookie-jar cookies.txt https://mtgox.com/code/data/ticker.php

curl -v -k --referer http://bitcoin.org --cookie cookies.txt --cookie-jar cookies.txt  --data-urlencode "name=XXX&pass=YYY" -H "Accept: application/json" https://mtgox.com/code/getFunds.php

The first curl command gets the Mt Gox ticker OK, Note that the SESSION_ID from the ticker GET is sent back to the Mt Gox server with the subsequent POST via curl's cookie options. The second curl command responds with the above mentioned error.

I may have to resort to screen scraping the Mt Gox web pages, i.e. pretending to be a web browser if I cannot get the Mt Gox trading API to work for POSTs.

Any help would be appreciated, - if you do not know how your script works, just knowing that someone has a working script to obtain Mt Gox balances would be useful.

[1715364127]

1715364127

[SlipperySlope]

OK so I traced the HTTPS headers and contents from my web login to Mt Gox.  The Google Chrome browser has a Network diagnostics screen in its Developer Tools menu.  From there I could inspect the headers and contents sent to Mt Gox as I logged in using their web interface.  I found to my delight that I could copy the POST content from the web login screen and obtain a valid login using the linux curl utility.  Following the login, the Mt Gox trade API POST command getFunds worked OK.

Here is the sequence of HTTPS commands that I used.  I expect that I can get them running also in Java now that I know what Mt Gox accepts.

Code:

curl -v -k --referer http://mtgox.com --cookie-jar cookies.txt https://mtgox.com/users/login

curl -v -k --referer https://mtgox.com/users/login --cookie-jar cookies.txt --data "login%5BUser%5D=XXX&login%5BPassword%5D=YYY" https://mtgox.com/users/login 

curl -v -k --referer https://mtgox.com/users/login --cookie-jar cookies.txt https://mtgox.com/

curl -v -k --referer http://texai.org --cookie cookies.txt --cookie-jar cookies.txt  --data "name=XXX&pass=YYY" -H "Accept: application/json" https://mtgox.com/code/getFunds.php

-->
{"usds":2.9915,"btcs":1}

Note that the user and password POST fields have been HTML encoded.  I used the same strings as I detected in the Google Network diagnostics, but it should be possible to use any online HTML escape tool to figure the escaped strings if your programming environment does not have a handy method.

[SlipperySlope]

It turns out that the Mt Gox trading API for obtaining balances is working fine with a single HTTPS POST.

Here is the curl command that I use from linux ..

Code:

curl -v -k --referer https://mtgox.com --data "name=XXX&pass=YYY" -H "Accept: application/json" https://mtgox.com/code/getFunds.php

The referer header content is not important.  The user name and password are HTML encoded.

My Java code now matches the behavior of the working curl command.