ParameterCode.Secret

Options
amiractivate
amiractivate
edited October 2012 in Photon Server
I noticed that theres is an authenticate operation thats currently not used on the loadbalancing server app,
it has a parameter called ParameterCode.Secret, may I know the purpose of this parameter ?

The only information I could get regarding the parameter is "<summary>(221) Internally used to establish encryption</summary>" which is found on PUN as a comment.

could someone point me to the direction if I am interested in finding out how to use this? or is there a tutorial somewhere that shows how to use this parameter?

Comments

  • Kaiserludi
    Kaiserludi admin
    Options
    Of course the authenticate operation is used. An unchanged Photon LoadBalancing master- or gameserver side does not allow a client to do anything, until it has successfully authenticated. However the clients authenticate automatically, without the need for you to explictly call an APi function for authentication.
    ParameterCode.Secret is indeed unused. The intention behind this parameter is to send a second unique ID for the app additionally to the unique appID like in a username/password pair. There is currently no good reason to make your appID public, so it suits both purposes, being the id and the pw for the app. Therefor ParameterCode.Secret is currently unused.
  • amiractivate
    amiractivate
    Options
    Hi Kaiserludi,

    Thanks for the explanation on the ParameterCode.Secret, Ive been using a customOperation to send username/password, ill relook into sending it via this parameter.

    However,I still have problem understanding how the AuthenticateOperation works,

    Although I see the Appid and versionid sent via opparameters (from PUN): 
    public virtual bool OpAuthenticate(string appId, string appVersion)
        {
            if (this.DebugOut &gt;= DebugLevel.INFO)
            {
                this.Listener.DebugReturn(DebugLevel.INFO, "OpAuthenticate()");
            }

            Dictionary&lt;byte, object&gt; opParameters = new Dictionary&lt;byte, object&gt;();
            opParameters&#91;ParameterCode.AppVersion&#93; = appVersion;
            opParameters&#91;ParameterCode.ApplicationId&#93; = appId;
            
            return this.OpCustom(OperationCode.Authenticate, opParameters, true, (byte)0, this.IsEncryptionAvailable);
        }

    I still dont get how authentication happens on the server side? plus all the properties are optional : 
    &#91;DataMember(Code = (byte)ParameterCode.ApplicationId, IsOptional = true)&#93;
public string ApplicationId { get; set; }

&#91;DataMember(Code = (byte)ParameterCode.AppVersion, IsOptional = true)&#93;
public string ApplicationVersion { get; set; }

&#91;DataMember(Code = (byte)ParameterCode.Secret, IsOptional = true)&#93;
public string Secret { get; set; }

&#91;DataMember(Code = (byte)ParameterCode.UserId, IsOptional = true)&#93;
public string UserId { get; set; }

    This is the Authentication on the MasterClientPeer upon receving the Authenticate request from the client : 
    private OperationResponse HandleAuthenticate(OperationRequest operationRequest)
{
OperationResponse response;

var request = new AuthenticateRequest(this.Protocol, operationRequest);
if (!OperationHelper.ValidateOperation(request, log, out response))
{
return response;
}

this.UserId = request.UserId;

// publish operation response
var responseObject = new AuthenticateResponse { QueuePosition = 0 };
return new OperationResponse(operationRequest.OperationCode, responseObject);
}
    The code isnt referring to the parameters sent (appid,version). Am I required to edit this part of code to make the application authentication?
  • [Deleted User]
    [Deleted User]
    Options
    amiractivate wrote:
    The code isnt referring to the parameters sent (appid,version). Am I required to edit this part of code to make the application authentication?

    Yes. :)

    We have only provided a "stub" for the Authenticate operation - so that you have a starting point where you could place some authentication code.

    As we don't have any idea how you want to authenticate your clients, we have not provided a meaningful implementation - feel free to modify the operation (or even the parameters) to anything you need (for example, you might want to do a database lookup, a webservice request, check windows credentials, etc.).

    (On Photon Cloud, the Authenticate operation is implemented to validate the client's ApplicationID, for example.)
  • amiractivate
    amiractivate
    Options
    Hi Nicole,

    Thanks for the clarification, so the operation is currently used by photoncloud but not implemented on the existing loadbalancing sdk code. Sorry I didnt realize it was a stub, off to modify the stub then :idea:

Cookies,
anyone?

We use cookies and related technologies to enhance your experience, show you personalised content and analyze performance and traffic on our website. By clicking on the „Accept All“ button you consent to the use of non-functional cookies and the subsequent processing of personal data to optimize our website and services as described in more detail in our Privacy and Cookie Policy.

By clicking on the „Customize or Deny all“ button you can decide otherwise. Clicking on the „Customize“ button will take you to a page where you can configure the usage of non-functional cookies (and related technologies) or deny all of them. You can access these settings at any time and also subsequently deselect cookies at any time in the footer area of our website.

ACCEPT ALL

Cookie Overview

We use the following categories of cookies and related technologies to enhance your experience, show you personalized content, and analyze performance and traffic on our website. We respect your right to privacy and accordingly you can chose to not allow some types of cookies (and related technologies). Click on the different category sliders and change our default settings to manage your cookie settings.

For more information on the specific cookies/related technologies we use and on how we use these, please see section 15 E. of our Privacy and Cookie Policy.

ABSOLUTELY NECESSARY

Authentication cookies we use are required to run our services … Cookies are required: Link

FUNCTIONAL AND MARKETING COOKIES

These cookies collect anonymous data and allow us to optimize our website and user experience. These cookies are listed here:

ANALYTICS

Help us to understand how visitors interact with our services, enables us to analyze and improve our services (also through third party analytics).