Mobile App Integration Manual v1.0.0
Technical Guide
1.Introduction
This document is to illustrate the detail of the integration required for a client going to integrate into our platform with Mobile App
2.Version
| Version | Description | Date |
|---|---|---|
| 1.0.0 | Initial version | 2019/05/10 |
3.Integration
In order to let your player log in through our mobile app, you have to implement a “User authentication interface” in your system to verify the player.
In the mobile app, a player must log in by your platform’s username ending with ‘@’ and your unique suffix, which we will provide you. For example, a player with username peter1235 and the lobby with suffix ‘ab’, he should enter the username as ‘peter1235@ab’. The password will be the same as in your platform. We will use the suffix to identify your “User authentication interface” in your website to verify the player.
4.API Requirements
You have to implement an API to allow our platform to call.
We will POST two parameters to the URL provided by the client:
- q – an encrypted string containing username (without ‘@’ and suffix), password and date/time. We will send you the key of encryption.
- s – the md5 string of username, password and date/time
String QS = “username=tester1&password=123456&datetime=20151020145031”;
String q = DESEncrypt(QS);
String s = BuildMD5(QS);
String post = “q=” + HttpUtility.UrlEncode(q) + “&s=” + s;
It will make a POST request to web link you provided.
4.1.ASP.Net C# version
Example DES Encrypt/Decrypt function in ASP.Net C# :
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 |
protected byte[] EncryptKey = ASCIIEncoding.ASCII.GetBytes("ask_us_for_key"); public string DESEncrypt(string inString) { MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, new DESCryptoServiceProvider().CreateEncryptor(EncryptKey, EncryptKey), CryptoStreamMode.Write); StreamWriter sw = new StreamWriter(cs); sw.Write(inString); sw.Flush(); cs.FlushFinalBlock(); sw.Flush(); return Convert.ToBase64String(ms.GetBuffer(), 0, (int)ms.Length); } public string DESDecrypt(string inString) { try { return new StreamReader(new CryptoStream(new MemoryStream( Convert.FromBase64String(inString)), new DESCryptoServiceProvider().CreateDecryptor(EncryptKey, EncryptKey), CryptoStreamMode.Read)).ReadToEnd(); } catch { } return ""; } |
Example MD5 function in ASP.Net C#:
1 2 3 4 5 6 7 8 9 10 |
public string BuildMD5(string inString) { byte[] hashed = MD5.Create().ComputeHash(Encoding.UTF8.GetBytes(inString)); StringBuilder sb = new StringBuilder(hashed.Length * 2); for (int i = 0; i < hashed.Length; i++) { sb.Append(hashed[i].ToString("x2")); } return sb.ToString(); } |
4.2.PHP version
DES Encrypt/Decrypt function in PHP:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
<?php class DES { var $key; var $iv; function __construct( $key, $iv=0 ) { $this->key = $key; if( $iv == 0 ) { $this->iv = $key; } else { $this->iv = $iv; } } function encrypt($str) { return base64_encode( openssl_encrypt($str, 'DES-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv ) ); } function decrypt($str) { $str = openssl_decrypt(base64_decode($str), 'DES-CBC', $this->key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, $this->iv); return rtrim($str, "\x01..\x1F"); } function pkcs5Pad($text, $blocksize) { $pad = $blocksize - (strlen ( $text ) % $blocksize); return $text . str_repeat ( chr ( $pad ), $pad ); } } ?> |
4.3.Usage of String q and s
Your API received the q and s parameters should decode the q and verify it’s md5 with the s. If the verification passed, the client should check against their own system. If the username exists in your platform, you should call SA Gaming API “LoginRequest” to receive a login token for the user. If the user doesn’t exist in our platform, we will create one. If LoginRequest success, you should receive an XML for the result with the token. Please refer to “SA Gaming Web Service API – Technical Guide” for details.
Result:| Name | Description | Type and Limit | Required? |
|---|---|---|---|
| datetime | Date time as passed in before | DateTime | Y |
| status | 0: Success 1: Username/Password error 2: Network error 3: Account error 4: API closed | Integer | Y |
| token | Login token return from LoginRequest | string | Y |
1 2 3 4 5 6 |
<?xml version="1.0" encoding="utf-8"?> <AuthResponse> <datetime>20151020145031</datetime> <status>0</status> <token>f93dk9dk2934kfkdoldkekdkd</token> </AuthResponse> |
4.4.API Logic
The following action should be taken after received our request:
- Decrypt q parameter, verify with the md5 for the correctness
- Verify the Username and Password.
- Call SA Gaming API to request login token (LoginRequest).
- Return the required XML to SA Gaming server
Logic flow diagram:
5.Error code
| Error code | Description |
|---|---|
| 1007 | Account not existing |
| 1010 | Error during authentication |
| 1012 | Authentication response empty |
| 1013 | Authentication response incorrect |
| 1014 | Authentication data incorrect |
| 1015 | Username or password error |
| 1016 | Network error |
| 1017 | Account error |
| 1018 | Authentication API closed |
| 1019 | Authentication URL not existing |
| 1020 | Authentication response parsing error |
| 1021 | Pattern not existing |
| 1022 | Pattern incorrect |
| 1023 | Account locked |
| 1024 | Location restricted |
| 1025 | System under maintenance |
| 9999 | Unknown error |