Difference between revisions of "Product key"

From Ace Stream Wiki
Jump to: navigation, search
(Новая страница: «Начиная с версии 2.1.0 движок работает по API только с авторизированными клиентами. Авторизац…»)
 
 
(6 intermediate revisions by one other user not shown)
Line 1: Line 1:
Начиная с версии 2.1.0 движок работает по API только с авторизированными клиентами. Авторизация выполняется на этапе рукопожатия. Для успешной авторизации у клиента должен быть ключ продукта. Ключ продукта можно получить бесплатно, заполнив форму [http://www.acestream.net/developers/request_key.php здесь]
+
Starting from version 2.1.0 engine works by API with authorized applications only. Authorization takes place during handshake (more detailed description you can find below). To be successfully authorized an application must have a product key.
  
== Авторизация клиента ==
+
You can get your personal product key for your application or use a public key:
 +
<tt>kjYX790gTytRaXV04IvC-xZH3A18sj5b1Tf3I-J5XVS1xsj-j0797KwxxLpBl26HPvWMm</tt>
  
* клиент отсылает сообщение
+
If you use the public key, your app can be used only by users who have activated option "No ADs" (Ace Stream disabling ads). If this option is not activated, the engine will send an error "No ADs option must be activated to use this product" when user tries to start playback of some content.
 +
 
 +
'''Attention!''' When your application is ready and you decide to make an opened/public test, send us a request to receive a test key by registering as [[Developers|developer]], with a description of the application and a link to download it. After verification of your product we will give you a special product key which will allow you to make opened/public tests within 30 days for any users, including users who don't have enabled NoADs option. Test for All!
 +
 
 +
If your app supports ad formats of Ace Stream system, you can get a personal product key for free by registering as [[Developers|developer]]. Application with a personal product key can be used by all users, regardless of whether they have any premium options.
 +
 
 +
== Authorization of application ==
 +
Below the schema of application authorization is described:
 +
 
 +
* application sends handshake "HELLOBG" message
 
  <tt>HELLOBG version=''api_version''</tt>
 
  <tt>HELLOBG version=''api_version''</tt>
* движок отсылает в ответ
+
* engine sends the answer
 
  <tt>HELLOTS version=''engine_version'' key=''request_key''</tt>
 
  <tt>HELLOTS version=''engine_version'' key=''request_key''</tt>
* клиент формирует ответный ключ и отсылает его движку
+
* application generates response key and send it to engine
 
  <tt>READY key=''response_key''</tt>
 
  <tt>READY key=''response_key''</tt>
  
Если авторизация прошла нормально, то движок продолжит работу с клиентом, отослав событие <tt>AUTH</tt> (уровень авторизации пользователя).
+
If the authorization was successfull then engine will continue to work with application and send an "AUTH" event (user authorization level).
  
Если авторизация не прошла, движок отправит клиенту событие <tt>NOTREADY</tt>. Это же событие будет отправляться в ответ на любые команды от неавторизированного клиента, кроме команд <tt>HELLOBG</tt>, <tt>READY</tt> и <tt>SHUTDOWN</tt>.
+
If the authorization failed then engine sends event <tt>NOTREADY</tt>. This event is also sent as answer to any command from an unauthorized application.
  
 
;''request_key''
 
;''request_key''
: представляет собой буквенно-цифровую строку, сгенерированную случайным образом
+
: random alpha-numeric string
  
 
;''response_key''
 
;''response_key''
: формируется из ''request_key'' и ключа продукта по следующему алгоритму, представленного в виде псевдокода:
+
: is generated from ''request_key'' and product key with the following algorithm (described in pseudocode):
  <tt><nowiki>signature = hex(sha1(request_key + product_key)); // сгенерировать подпись запроса
+
  <tt><nowiki>signature = hex(sha1(request_key + product_key)); // generate the request signature
x = product_key.split("-")[0];                    // вырезаем все символы до первого знака "-" из ключа продукта
+
x = product_key.split("-")[0];                    // cut all chars until first "-" from the product key
response_key = x + "-" + signature;              // отправляем движку вырезанную на предыдущем этапе строку и подпись, разделенные знаком "-"</nowiki></tt>
+
response_key = x + "-" + signature;              // send the string from the previous step and request signature &crarr;
 +
                                                    separated by hyphen ("-") char to the engine</nowiki></tt>
  
== Пример ==
+
== Example ==
Для примера предположим, что клиент использует ключ продукта 123456-111111-222222-333333
+
In this example we suppose that the application has a product key 123456-111111-222222-333333
  
Подпись для ''response_key'' в данном примере формируется так:
+
Request signature for the given ''response_key'' in this example is generated in this way:
 
<tt>hex(sha1("5eb1f78f123456-111111-222222-333333")) == fd2a247d83adffed56d82cca150d5fab225f1408</tt>
 
<tt>hex(sha1("5eb1f78f123456-111111-222222-333333")) == fd2a247d83adffed56d82cca150d5fab225f1408</tt>
  

Latest revision as of 12:54, 6 September 2017

Starting from version 2.1.0 engine works by API with authorized applications only. Authorization takes place during handshake (more detailed description you can find below). To be successfully authorized an application must have a product key.

You can get your personal product key for your application or use a public key:

kjYX790gTytRaXV04IvC-xZH3A18sj5b1Tf3I-J5XVS1xsj-j0797KwxxLpBl26HPvWMm

If you use the public key, your app can be used only by users who have activated option "No ADs" (Ace Stream disabling ads). If this option is not activated, the engine will send an error "No ADs option must be activated to use this product" when user tries to start playback of some content.

Attention! When your application is ready and you decide to make an opened/public test, send us a request to receive a test key by registering as developer, with a description of the application and a link to download it. After verification of your product we will give you a special product key which will allow you to make opened/public tests within 30 days for any users, including users who don't have enabled NoADs option. Test for All!

If your app supports ad formats of Ace Stream system, you can get a personal product key for free by registering as developer. Application with a personal product key can be used by all users, regardless of whether they have any premium options.

Authorization of application

Below the schema of application authorization is described:

  • application sends handshake "HELLOBG" message
HELLOBG version=api_version
  • engine sends the answer
HELLOTS version=engine_version key=request_key
  • application generates response key and send it to engine
READY key=response_key

If the authorization was successfull then engine will continue to work with application and send an "AUTH" event (user authorization level).

If the authorization failed then engine sends event NOTREADY. This event is also sent as answer to any command from an unauthorized application.

request_key
random alpha-numeric string
response_key
is generated from request_key and product key with the following algorithm (described in pseudocode):
signature = hex(sha1(request_key + product_key)); // generate the request signature
x = product_key.split("-")[0];                    // cut all chars until first "-" from the product key
response_key = x + "-" + signature;               // send the string from the previous step and request signature ↵
                                                     separated by hyphen ("-") char to the engine

Example

In this example we suppose that the application has a product key 123456-111111-222222-333333

Request signature for the given response_key in this example is generated in this way: hex(sha1("5eb1f78f123456-111111-222222-333333")) == fd2a247d83adffed56d82cca150d5fab225f1408


>>HELLOBG version=4
<<HELLOTS version=2.1.0 key=5eb1f78f
>>READY key=123456-fd2a247d83adffed56d82cca150d5fab225f1408
<<AUTH 1