User:Navarr/WiiBrew Internet API

From WiiBrew
< User:Navarr
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

The WiiBrew Internet API, as I've so dubbed it, is basically just an HTTP API system that I've decided to start working on, that will operate in a way similar (but nowhere near like) the Facebook application system.

Developers will request an API Key (app that will use it [ALL APPS SHOULD HAVE DIFFERENT KEYS!]), reason for wanting/needing it, etc and it will probably almost always be approved.

It will work via the POST method of the HTTP protocol, and will output information in a requested format (XML, INI, etc).

This is still a developing idea. I came up with it, and started writing, and this is where I am. Next comes the code. Please post any ideas on the talk page.

Planned Feature List

  • High Score List
  • P2P Match System
  • Simple Online Variable System
  • Auto-Updating Backend (w/ Software Hosting)

Current (working) Implementation

Vocabulary

Term Definition
{API_KEY} The "Key" that your program is given to connect to the WAPI system
Secret A word or combonation of words of your own choosing that is encrypted and sent after the initial connection to verify your program. DO NOT SHARE YOUR SECRET WITH ANYONE! (keep it in a secret.h and exclude it from the source code)
{SECRET_ENCRYPTION_TYPE} Only sent upon the initial connection request, this tells you how you are supposed to send your secret. You should encrypt it with the following type requested before sending for the next step:
  • 0 - MD5
  • 1 - SHA-1
{SESSION_ID} An integer that should be received by your program on the initial connection and sent back with each query. This allows us to remember you.
Generic MySQL Error Not as "Generic" as we lead you to believe. This actually sends in the following format:
<?xml version="1.0" encoding="utf-8"?>
<wapi><error no="SQL-{INT}">{SQL_ERROR}</error></wapi>

Whenever you get one of these, it's best to tell us. Its generally a bad thing.

Step 1: Request Connection

When you start accessing the WAPI system, the first step is to Request a Connection. This is done by querying the Connection script using your API Key. The script will then return the encryption type (in numerical format) as well as your session ID for the following interactions between the program and the WAPI server.

Request

http://wiibrew.gtaero.net/api/rcon.php
?key={API_KEY}

Return (good)

<?xml version="1.0" encoding="utf-8"?>
<wapi><settings><secret encryption="{SECRET_ENCRYPTION_TYPE}" /><session id="{SESSION_ID}" /></settings></wapi>

Return (bad)

<?xml version="1.0" encoding="utf-8"?>
<wapi><error no="WAPI-1">You attempted to use an invalid key.</error></wapi>

or a Generic MySQL Error

Step 2: Verification

After receiving a succesful connection, the next step is to verify the application. This is the only level of security, and it is admitedly very poor. If you have any further ideas on how to increase security, please post it on the talk page.

Request

http://wiibrew.gtaero.net/api/verify.php
?sessionid={SESSION_ID}
&secret={ENCRYPTED_SECRET}

(the rest is currently incomplete)


Personal Ideas

Possible Example Code?

The below is by no means documentation, just ideas. This whole thing is like a notepad.

Store Variables

Send:

POST /setvar.php?app_key=KEY&setvars=VAR1&values=VALUE HTTP/1.1

or

POST /setvar.php?app_key=KEY&setvars=VAR1,VAR2&values=VALUE1,VALUE2&token=, HTTP/1.1

Get:

<?xml version="1.0"?>
<vars>
  <var name="VAR1" value="VALUE1" />
  <var name="VAR2" value="VALUE2" />
  <!-- etc... -->
</vars>

Reserved Variables (Can Not Set)

  • IP
  • Score
  • LIP
  • ID

Note, Display is a variable that should be reserved for their Display Name.

Leader Boards

Send:

POST /leaders.php?app_key=KEY&lbid=LEADER_BOARD_ID&vars=VAR1,VAR2 HTTP/1.1
<?xml version="1.0"?>
<leaderboard>
  <place num="1">
    <id>xxxxxxxxxxxx</id>
    <display>Registered Display Name (User's)</display>
    <score>xxx</score>
    <vars /> <!-- Application Requested Variables -->
  </place>
  <place num="2" />
  <!-- etc... -->
</leaderboard>

Matchup

Send:

POST /match.php?app_key=KEY&id=WII_ID&lip=192.168.15.9&min_amt=1&max_amt HTTP/1.1

Get:

<?xml version="1.0"?>
<matches amt="3"> <!-- Amount Returned.  If its lower than the Min, an error will be returned -->
  <match>
    <id>xxxxxxxxxxxx</id>
    <display>Registered Display Name (User's)</display>
    <ip>83.92.15.10</ip>
    <lip>192.168.15.10</lip> <!-- If your IP matches theirs, a Local IP should be needed to connect to -->
    <vars /> <!-- Application Requested Variables -->
  </match>
  <match /><!-- etc... -->
</matches>

or

<?xml version="1.0"?>
<error>
  <code>0</code>
  <human>Could not find enough users.</human>
</error>

Common Variable List

Variables that could/should and must (marked by a *) be included:

  • app_key (*) - Application's Unique Key
  • id - Wii's Messageboard ID
  • lip - Wii's Intranet IP Address (Local IP)
  • vars - Variables to be returned (if more than one, token MUST be set)
  • token - Seperator for Variables