6. Initialization
6.0.1. Verify the signature of initial data
When user logged in to the platform, the platform will redirect the user to the Login callback URL with the login information appended to the query string. Game server should verify these information before accepting the user's request.
Signature verification must be performed on
the server, for app_secret
shouldn't be exposed to the client.
- HTTP method
GET
- HTTP query string
parameter name | type | description |
---|---|---|
login_key | int64 | random number acted as salt, provided by the platform |
app_id | string(60) | the game id provided by the platform |
user_id | int64 | the user id provided by the platform |
sign | string(60) | signature for validating the data |
- Example
https://your.game.host/?login_key=1000000&app_id=WAKOOL-APPID-TEST001&user_id=100000001&sign=4fcba2c21852edb8e6e3a1bc011aff66
The
https://your.game.host/
in the above example refers to the Login callback URL game developers provided.
- Signature verification
The signature is a lower-cased hexadecimal
string of the
MD5
value of a query string composed of the
app_secret
,login_key
, app_id
, and user_id
in the specified order. The values of the query string have to be
urlencoded
first.
- PHP example:
$sign_data = [
'app_secret' => 'WAKOOL-APPSECRET-TEST001',
'login_key' => '1000000',
'app_id' => 'WAKOOL-APPID-TEST001',
'user_id' => '100000001'
];
/**
* constructing signature:
*/
$sign = md5(http_build_query($sign_data));
The 4 parameters have to be in the order demonstrated in the example code above when constructing the query string and the values have to be urlencoded.
If you have difficulties verifying the signature, check to see if the order of the four parameters are correct.
- Java example:
String app_secret = "WAKOOL-APPSECRET-TEST001";
String login_key = "1000000";
String app_id = "WAKOOL-APPID-TEST001";
String user_id = "100000001";
/**
* constructing signature:
*/
StringBuilder sb = new StringBuilder();
String cs = "UTF-8";
sb.append(java.net.URLEncoder.encode("app_secret", cs)).append('=')
.append(java.net.URLEncoder.encode(app_secret, cs)).append('&')
.append(java.net.URLEncoder.encode("login_key", cs)).append('=')
.append(java.net.URLEncoder.encode(login_key, cs)).append('&')
.append(java.net.URLEncoder.encode("app_id", cs)).append('=')
.append(java.net.URLEncoder.encode(app_id, cs)).append('&')
.append(java.net.URLEncoder.encode("user_id", cs)).append('=')
.append(java.net.URLEncoder.encode(user_id, cs));
String sign = org.apache.commons.codec.digest.DigestUtils.md5Hex(sb.toString());
- Python example:
try:
from urllib.parse import urlencode
except ImportError:
from urllib import urlencode
import hashlib
app_secret = 'WAKOOL-APPSECRET-TEST001'
login_key = '1000000'
app_id = 'WAKOOL-APPID-TEST001'
user_id = '100000001'
# constructing signature:
query = urlencode([('app_secret', app_secret), ('login_key', login_key), ('app_id', app_id), ('user_id', user_id)])
m = hashlib.md5()
m.update(query.encode('utf-8'))
sign = m.hexdigest()
- Node.js example:
const sign_data = {
app_secret: 'WAKOOL-APPSECRET-TEST001',
login_key: '1000000',
app_id: 'WAKOOL-APPID-TEST001',
user_id: '100000001',
};
/**
* constructing signature:
*/
const sign_string = new URLSearchParams(sign_data).toString();
const crypto = require('crypto')
const sign = crypto.createHash('md5').update(sign_string).digest('hex');
6.0.2. Importing SDK
The SDK is written in Javascript, simply insert the following code into your game page.
<script>
!function(w,a,k,o,l,j,s){if(a.getElementById(o))return;j=function(a,
m){m=RegExp('[?&]'+a+'=([^&]*)').exec(w.location.search);return m&&
decodeURIComponent(m[1].replace(/\+/g,' '))};s='app_id';l=l||j('wakool_'
+s)||j(s);j=a.createElement(k);j.src='https://api.wakool.net/sdk?'+s+'='
+l+'&v='+Date.now();j.id=o;s=a.getElementsByTagName(k)[0];s.parentNode.
insertBefore(j,s)}(window,document,'script','wakool-jssdk')
</script>
6.0.3. Manually initialize SDK
※In most cases this step is unnecessary, as the SDK is initialized in the page from Login callback URL where it obtains the required data from the query string of the current URL automatically. On rare occasions the Login callback URL is not the final game URL, or the parameters' name conflicted with the game's own, here's how to manually provide the parameters the SDK needs:
window.wakoolSetup = {
'sign': '{SIGN}',
'app_id': '{APP_ID}'
};
Here the game obtained the
{SIGN}
and{APP_ID}
from Login callback URL, and manually passed them back to the SDK on another page where the original query string were lost.
6.0.4. SDK loaded callback
Define the function wakoolAsyncInit
which will be called upon
the DOMContentLoaded
event being handled by the SDK. The initialized
instance of the SDK wakool
is passed in as the function argument.
Within this function, game developers may register event listeners in
order to be notified when platform events happened.
See Events for a complete list of events.
Game developers are advised to register listeners for purchase event and pause/resume event
In most cases Login function is called here.
window.wakoolAsyncInit = function(wakool) {
// Register SDK event listeners...
wakool.addEventListener(wakool.EVENT_BROWSER_PURCHASE_VERIFY_VALID, function(event){
// …Purchase success…
console.log('Purchase success! Wakool Order ID:', event.data.order_id);
});
// Call wakool.login() function here
wakool.login(function(result){
if(result) {
/** …Login success… */
console.log('Login success! Now Wakool SDK is fully functional.', result);
}
});
// Store the SDK instance <wakool> to the window object for later uses.
window.wakool = wakool;
// please keep this line:
return wakool;
}
Last line of the callback function should be kept.