Difference between revisions of "OAuth2/en"
(Новая страница: «OAuth2 protocol allows third-party sites to get a limited access to personal data of Ace Stream user, such as e-mail and a public key of the user. ==Что нужн…») |
(→Общая схема работы) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
OAuth2 protocol allows third-party sites to get a limited access to personal data of Ace Stream user, such as e-mail and a public key of the user. | OAuth2 protocol allows third-party sites to get a limited access to personal data of Ace Stream user, such as e-mail and a public key of the user. | ||
| − | == | + | ==What do you need to work with Ace Stream OAuth2== |
| − | + | To get ability to use Ace Stream OAuth2, you have to register as a reseller in Ace Stream system. Resellers are able to create markets - usually, these are sites through which options are sold to users. Each market gets access to OAuth2. | |
| − | == | + | ==Common work scheme== |
| − | + | Reseller publishes on his site a link with a name like "Log in via Ace Stream", which leads here: | |
<nowiki>https://accounts.acestream.net/oauth/v2/auth?client_id=[CLIENT_ID]&response_type=code&redirect_uri=[REDIRECT_URI]&scope=userkey+email</nowiki> | <nowiki>https://accounts.acestream.net/oauth/v2/auth?client_id=[CLIENT_ID]&response_type=code&redirect_uri=[REDIRECT_URI]&scope=userkey+email</nowiki> | ||
| − | + | The following parameters are inserted in the link: | |
| − | * '''[CLIENT_ID]''' - | + | * '''[CLIENT_ID]''' - market's identifier, which the reseller can find out in settings of his market |
| − | * '''[REDIRECT_URI]''' - | + | * '''[REDIRECT_URI]''' - link, to which the user will be redirected after a successful login. This link has to be listed in Redirect URI in market's settings |
| − | + | After following this link, the user is authorized in Ace Stream system and then redirected to the specified [REDIRECT_URI]. | |
| − | + | If during authorization an error was occurred, parameters error error_description describing the error are sent to [REDIRECT_URI]. | |
| − | + | After successful authentication parameter <tt>code</tt> is passed: this is an authorization code for getting access_token. | |
| − | + | After receiving the code third-party site should get <tt>access_token</tt>. For this POST-request with the following parameters is sent to <nowiki>https://accounts.acestream.net/oauth/v2/token</nowiki>: | |
| − | * '''client_id''' - | + | * '''client_id''' - market's identifier |
| − | * '''client_secret''' - | + | * '''client_secret''' - secret market key (you can find it out in market's settings) |
| − | * '''code''' - | + | * '''code''' - confirmation code obtained earlier |
| − | * '''grant_type''' - | + | * '''grant_type''' - string "authorization_code" |
| − | * '''redirect_uri''' - | + | * '''redirect_uri''' - link specified in the first request |
| − | + | Response to this request is sent in JSON format. | |
| − | + | In case of an error field <tt>error_description</tt> with error decription is present in the response. | |
| − | + | If successful, the access token in the field <tt>access_token</tt> is sent in the response. | |
| − | + | Using the access token third-party site is able to get e-mail and public key of the user. For this GET-request with the following parameters is sent to <nowiki>https://accounts.acestream.net/oauth/api</nowiki>: | |
| − | * '''method''' - | + | * '''method''' - string "getUserInfo" |
| − | * '''access_token''' - | + | * '''access_token''' - access token obtained earlier |
| − | + | If the request was successful, user's data in JSON format are sent in response: | |
<nowiki>{ | <nowiki>{ | ||
"user": { | "user": { | ||
Latest revision as of 11:17, 23 September 2014
OAuth2 protocol allows third-party sites to get a limited access to personal data of Ace Stream user, such as e-mail and a public key of the user.
What do you need to work with Ace Stream OAuth2
To get ability to use Ace Stream OAuth2, you have to register as a reseller in Ace Stream system. Resellers are able to create markets - usually, these are sites through which options are sold to users. Each market gets access to OAuth2.
Common work scheme
Reseller publishes on his site a link with a name like "Log in via Ace Stream", which leads here:
https://accounts.acestream.net/oauth/v2/auth?client_id=[CLIENT_ID]&response_type=code&redirect_uri=[REDIRECT_URI]&scope=userkey+email
The following parameters are inserted in the link:
- [CLIENT_ID] - market's identifier, which the reseller can find out in settings of his market
- [REDIRECT_URI] - link, to which the user will be redirected after a successful login. This link has to be listed in Redirect URI in market's settings
After following this link, the user is authorized in Ace Stream system and then redirected to the specified [REDIRECT_URI].
If during authorization an error was occurred, parameters error error_description describing the error are sent to [REDIRECT_URI].
After successful authentication parameter code is passed: this is an authorization code for getting access_token.
After receiving the code third-party site should get access_token. For this POST-request with the following parameters is sent to https://accounts.acestream.net/oauth/v2/token:
- client_id - market's identifier
- client_secret - secret market key (you can find it out in market's settings)
- code - confirmation code obtained earlier
- grant_type - string "authorization_code"
- redirect_uri - link specified in the first request
Response to this request is sent in JSON format.
In case of an error field error_description with error decription is present in the response.
If successful, the access token in the field access_token is sent in the response.
Using the access token third-party site is able to get e-mail and public key of the user. For this GET-request with the following parameters is sent to https://accounts.acestream.net/oauth/api:
- method - string "getUserInfo"
- access_token - access token obtained earlier
If the request was successful, user's data in JSON format are sent in response:
{
"user": {
"email": "USER_EMAIL",
"key": "USER_KEY"
}
}
