Difference between revisions of "OAuth2/en"

From Ace Stream Wiki
Jump to: navigation, search
(Новая страница: «OAuth2 protocol allows third-party sites to get a limited access to personal data of Ace Stream user, such as e-mail and a public key of the user. ==Что нужн…»)
 
(Общая схема работы)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
OAuth2 protocol allows third-party sites to get a limited access to personal data of Ace Stream user, such as e-mail and a public key of the user.
 
OAuth2 protocol allows third-party sites to get a limited access to personal data of Ace Stream user, such as e-mail and a public key of the user.
  
==Что нужно для работы с Ace Stream OAuth2==
+
==What do you need to work with Ace Stream OAuth2==
Для того, чтобы получить возможность использовать Ace Stream OAuth2, необходимо зарегистрироваться как реселлер в системе Ace Stream. Реселлеры имеют возможность создавать маркеты - как правило, это сайты, через которые осуществляется продажа опций пользователям. Каждый маркет получает доступ к OAuth2
+
To get ability to use Ace Stream OAuth2, you have to register as a reseller in Ace Stream system. Resellers are able to create markets - usually, these are sites through which options are sold to users. Each market gets access to OAuth2.
  
==Общая схема работы==
+
==Common work scheme==
Реселлер размещает на своем сайте ссылку с названием вида "Войти через Ace Stream", которая ведет сюда:
+
Reseller publishes on his site a link with a name like "Log in via Ace Stream", which leads here:
 
  <nowiki>https://accounts.acestream.net/oauth/v2/auth?client_id=[CLIENT_ID]&response_type=code&redirect_uri=[REDIRECT_URI]&scope=userkey+email</nowiki>
 
  <nowiki>https://accounts.acestream.net/oauth/v2/auth?client_id=[CLIENT_ID]&response_type=code&redirect_uri=[REDIRECT_URI]&scope=userkey+email</nowiki>
  
В ссылку подставляются следующие параметры:
+
The following parameters are inserted in the link:
* '''[CLIENT_ID]''' - идентификатор маркета, который реселлер может узнать в настройках своего маркета
+
* '''[CLIENT_ID]''' - market's identifier, which the reseller can find out in settings of his market
* '''[REDIRECT_URI]''' - ссылка, на который будет перенаправлен пользователь после успешной авторизации. Данная ссылка должна быть в списке Redirect URI в настройках маркета
+
* '''[REDIRECT_URI]''' - link, to which the user will be redirected after a successful login. This link has to be listed in Redirect URI in market's settings
  
После перехода по данной ссылке пользователь проходит авторизацию в системе Ace Stream, после чего перенаправляется на указанный [REDIRECT_URI].
+
After following this link, the user is authorized in Ace Stream system and then redirected to the specified [REDIRECT_URI].
  
Если во время авторизации произошла ошибка, то на [REDIRECT_URI] передаются параметры error error_description, описывающие ошибку.
+
If during authorization an error was occurred, parameters error error_description describing the error are sent to [REDIRECT_URI].
  
После успешной авторизации передается параметр <tt>code</tt>: это код подтверждения (authorization code) для получения токена доступа (access_token).
+
After successful authentication parameter <tt>code</tt> is passed: this is an authorization code for getting access_token.
  
После получения кода сторонний сайт дожен получить <tt>access_token</tt>. Для этого на адрес <nowiki>https://accounts.acestream.net/oauth/v2/token</nowiki> отправляется POST-запрос с такими переменными:
+
After receiving the code third-party site should get <tt>access_token</tt>. For this POST-request with the following parameters is sent to <nowiki>https://accounts.acestream.net/oauth/v2/token</nowiki>:
* '''client_id''' - идентификатор маркета
+
* '''client_id''' - market's identifier
* '''client_secret''' - секретный ключ маркета (можно узнать в настйроках маркета)
+
* '''client_secret''' - secret market key (you can find it out in market's settings)
* '''code''' - код подтверждения, полученный ранее
+
* '''code''' - confirmation code obtained earlier
* '''grant_type''' - строка "authorization_code"
+
* '''grant_type''' - string "authorization_code"
* '''redirect_uri''' - ссылка, указанная в первом запросе
+
* '''redirect_uri''' - link specified in the first request
  
Ответ на данный запрос отправляется в формате JSON.
+
Response to this request is sent in JSON format.
  
В случае ошибки в ответе присутствует поле <tt>error_description</tt> с описанием ошибки.
+
In case of an error field <tt>error_description</tt> with error decription is present in the response.
  
В случае успешного выполнения в ответе высылается токен доступа в поле <tt>access_token</tt>
+
If successful, the access token in the field <tt>access_token</tt> is sent in the response.
  
С помощью токена доступа сторонний сайт имеет возможность получить e-mail и публичный ключ пользователя. Для этого отправляется GET-запрос на адрес <nowiki>https://accounts.acestream.net/oauth/api</nowiki> с такими параметрами:
+
Using the access token third-party site is able to get e-mail and public key of the user. For this GET-request with the following parameters is sent to <nowiki>https://accounts.acestream.net/oauth/api</nowiki>:
* '''method''' - строка "getUserInfo"
+
* '''method''' - string "getUserInfo"
* '''access_token''' - полученный ранее токен доступа
+
* '''access_token''' - access token obtained earlier
  
В случае успешного выполнения данного запроса в ответ отправляются данные пользователя в формате JSON:
+
If the request was successful, user's data in JSON format are sent in response:
 
  <nowiki>{
 
  <nowiki>{
 
   "user": {
 
   "user": {

Latest revision as of 11:17, 23 September 2014

OAuth2 protocol allows third-party sites to get a limited access to personal data of Ace Stream user, such as e-mail and a public key of the user.

What do you need to work with Ace Stream OAuth2

To get ability to use Ace Stream OAuth2, you have to register as a reseller in Ace Stream system. Resellers are able to create markets - usually, these are sites through which options are sold to users. Each market gets access to OAuth2.

Common work scheme

Reseller publishes on his site a link with a name like "Log in via Ace Stream", which leads here:

https://accounts.acestream.net/oauth/v2/auth?client_id=[CLIENT_ID]&response_type=code&redirect_uri=[REDIRECT_URI]&scope=userkey+email

The following parameters are inserted in the link:

  • [CLIENT_ID] - market's identifier, which the reseller can find out in settings of his market
  • [REDIRECT_URI] - link, to which the user will be redirected after a successful login. This link has to be listed in Redirect URI in market's settings

After following this link, the user is authorized in Ace Stream system and then redirected to the specified [REDIRECT_URI].

If during authorization an error was occurred, parameters error error_description describing the error are sent to [REDIRECT_URI].

After successful authentication parameter code is passed: this is an authorization code for getting access_token.

After receiving the code third-party site should get access_token. For this POST-request with the following parameters is sent to https://accounts.acestream.net/oauth/v2/token:

  • client_id - market's identifier
  • client_secret - secret market key (you can find it out in market's settings)
  • code - confirmation code obtained earlier
  • grant_type - string "authorization_code"
  • redirect_uri - link specified in the first request

Response to this request is sent in JSON format.

In case of an error field error_description with error decription is present in the response.

If successful, the access token in the field access_token is sent in the response.

Using the access token third-party site is able to get e-mail and public key of the user. For this GET-request with the following parameters is sent to https://accounts.acestream.net/oauth/api:

  • method - string "getUserInfo"
  • access_token - access token obtained earlier

If the request was successful, user's data in JSON format are sent in response:

{
  "user": {
    "email": "USER_EMAIL",
    "key": "USER_KEY"
  }
}