Karotz developper zone

Make your own Karotz application !

REST Signed methods

Remote Authentication

This page describe methods used to authenticate a user via API.

API

Start Application from installID

http://api.karotz.com/api/karotz/start

Start the application on Karotz

  • apikey (required): API key of the application
  • once (required): a random value, should never be the same
  • timestamp (required): current time stamp
  • signature (required): base64, HmacSHA1 sign the sum of all arguments in alphabetical order
  • installid (required): installation ID of the application

Full Python example

#!/usr/bin/python
import hmac
import urllib
import time
import random
import hashlib
import base64

APIKEY= 'APIKEY'
SECRET= 'SECRET'
INSTALLID = 'INSTALLID'

# sign parameters in alphabetical order
def sign(parameters, signature):
    keys = parameters.keys()
    keys.sort()
    sortedParameters = [(key, parameters[key]) for key in keys]
    query = urllib.urlencode(sortedParameters)
    digest_maker = hmac.new(signature, query, hashlib.sha1)
    signValue = base64.b64encode(digest_maker.digest())
    query = query + "&signature=" + urllib.quote(signValue)
    return query

parameters = {}
parameters['installid'] = INSTALLID
parameters['apikey'] = APIKEY
parameters['once'] = "%d" % random.randint(100000000, 99999999999)
parameters['timestamp'] = "%d" % time.time()

query = sign(parameters, SECRET)
print query

f = urllib.urlopen("http://api.karotz.com/api/karotz/start?%s" % query)
token = f.read() # should return an hex string if auth is ok, error 500 if not

Php sample

<?php

    $APIKEY= 'APIKEY';
    $SECRET= 'SECRET';
    $INSTALLID = 'INSTALLID';

    function sign($parameter, $secret){
        
        $items = array();
        foreach( $parameter as $key => $value){
            array_push($items, urlencode($key)."=".urlencode($value));
        }
        asort($items);
        
        $query = implode ( "&" , $items );
        
        $iv = hash_hmac ( "sha1" , $query, $secret, true );
        $signature = base64_encode($iv);
        
        
        return $query."&signature=".urlencode($signature);
    }

    $arr = array(
        "installid" => $INSTALLID,
        "apikey" => $APIKEY,
        "once" => rand ( 9999999999999, 99999999999999 ),
        "timestamp" => time());

    echo "http://api.karotz.com/api/karotz/start?" . sign($arr, $SECRET)."\n";
    
    
?>
Google Groupes
Abonnement au groupe KarotzDev
E-mail :
Visiter ce groupe