Battle.net Login

From EQdkp Plus


Version information
Core 2.0.x

With SSL

The new Battle.net API supports only SSL sites as redirect URLs. That means you need your own SSL certificate for your webspace and a hosting package that allows an SSL certificate to be installed. After you have activated SSL for your EQdkp Plus Installation,

Without SSL

To use the Battle.net Login without SSL, you can use our EQdkp Plus Relay Service. Please note that this service has alpha status and can be discontinued without further notice.

Is using the Relay Service still secure?

Yes, it is.

Does EQdkp Plus have access to passwords?

No, we don't.

But how does this work?

Well, it's easy.

  • On clicking the Login button, you are redirected to Battle.net, where you enter your credentials and grant your app access. This whole process happens directly, without any connection to the EQdkp Plus server.
  • After you have granted your app access, Battle.net redirects you to the EQdkp Plus Relay Server, including an authorization code.
  • Our EQdkp Plus Relay Service encrypts this authorization code with the EQdkp Plus App-Secret and redirects the user back to your EQdkp Plus Installation.
  • In your EQdkp Plus Installation, the authorization code is decrypted with the EQdkp Plus App-Secret and used to obtain an access token directly from the Battle.net API, using the Mashery App-ID and -Secret.

What this means for security:

  • The EQdkp Plus Relay Service never sees any Battle.net passwords.
  • The EQdkp Plus Relay Service cannot use the authorization code from Battle.net, because it does not know the Mashery App Secret or Mashery App ID.
  • The authorization code is encrypted with AES encryption and the EQdkp Plus App Secret, which is itself stored encrypted in our database.

What Statistics are saved?

At the moment, we only count the usage of a specific app. We do not save any additional data.

I'm getting an error, what does this mean?

If you are redirected but nothing happens, and the URL ends with something like #relayerror=1, an error occurred. Take the number at the end and look it up in the following list:

  • 1: Internal Server Error
  • 2: The user waited too long to submit the login button
  • 3: Verify HMAC Error. Somebody might have tried to misuse the login
  • 4: EQdkp Plus AppID not available
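
The relay round trip described above, together with error codes 2 and 3, as an added example that is not EQdkp Plus's own code: the relay wraps the authorization code with a key derived from the shared App-Secret, and the installation checks the HMAC and the token age before decrypting. The cipher mode (AES-256-CBC with encrypt-then-MAC), the token layout, the 300-second window and all function names are assumptions; the page only states that AES, the App-Secret and an HMAC check are involved.

```javascript
// Added illustration, not EQdkp Plus code.
// Assumptions: AES-256-CBC + HMAC-SHA256 (encrypt-then-MAC),
// token layout "ts.iv.ct.mac" (hex fields), 300-second validity window.
const nodeCrypto = require('crypto');

const MAX_AGE_SECONDS = 300; // assumed timeout, the page gives no value

// Derive independent encryption and MAC keys from the shared App-Secret.
function deriveKeys(appSecret) {
  const kdf = (label) =>
    nodeCrypto.createHmac('sha256', appSecret).update(label).digest();
  return { encKey: kdf('relay-enc'), macKey: kdf('relay-mac') };
}

// Relay side: wrap the authorization code received from Battle.net.
function wrapCode(authCode, appSecret, now = Math.floor(Date.now() / 1000)) {
  const { encKey, macKey } = deriveKeys(appSecret);
  const iv = nodeCrypto.randomBytes(16);
  const cipher = nodeCrypto.createCipheriv('aes-256-cbc', encKey, iv);
  const ct = Buffer.concat([cipher.update(authCode, 'utf8'), cipher.final()]);
  const body = [String(now), iv.toString('hex'), ct.toString('hex')].join('.');
  const mac = nodeCrypto.createHmac('sha256', macKey).update(body).digest('hex');
  return `${body}.${mac}`;
}

// Installation side: verify first, decrypt last. Failures map to the
// relayerror numbers from the list above.
function unwrapCode(token, appSecret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 4) return { error: 3 };
  const [ts, ivHex, ctHex, macHex] = parts;
  const { encKey, macKey } = deriveKeys(appSecret);
  const expected = nodeCrypto.createHmac('sha256', macKey)
    .update(`${ts}.${ivHex}.${ctHex}`).digest();
  const given = Buffer.from(macHex, 'hex');
  // Constant-time comparison; the timestamp and IV are covered by the MAC too.
  if (given.length !== expected.length ||
      !nodeCrypto.timingSafeEqual(given, expected)) {
    return { error: 3 }; // Verify HMAC Error
  }
  const age = now - Number(ts);
  if (!(age >= 0 && age <= MAX_AGE_SECONDS)) return { error: 2 }; // too old
  const decipher = nodeCrypto.createDecipheriv(
    'aes-256-cbc', encKey, Buffer.from(ivHex, 'hex'));
  const code = Buffer.concat(
    [decipher.update(Buffer.from(ctHex, 'hex')), decipher.final()]);
  return { code: code.toString('utf8') };
}
```

Checking the MAC before the age and before any decryption means a modified timestamp or ciphertext is rejected as error 3 without the installation ever processing attacker-controlled ciphertext.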