Pseudocode: string = NONCE:CNONE:APIKEY Result: B8DB315C-2C2C-45AA D9ED9A90E:5E992A86:1EC2-FCD9 Step B: SHA256 the compiled string Pseudocode: SHA256(STEP_A) Result: af2bfec80490ea36a941fe0a803f4286f265ebbf9ee52cad16109b5913 Step C: Base64 encode the bytes of SHA256 hash Important: calculate the base64 on the bytes of BASE64, not the hex string. Use the following data to check your hash routine Nonce:!! B8DB315C-2C2C-45AA D9ED9A90E Client nonce:! 5E992A86 ApiKey:!! 1EC2-FCD9 Step A: compile the string to be hashes Compiled pre-hash string. The session id will be invalidated after 5 minutes of inactivity.Ħ Test your hash calculation routine with the following data. Note 2: BASE64 encoding in performed on the raw SHA256 hash bytes, not hex string! If the authentication is verified and is valid the server will return a session id which is used for all subsequent calls to the server to identify the client. Login request sends: Server nonce Client nonce BASE64(SHA256(server_nonce:client_nonce:apikey)) Note 1: do not use BASE64 padding characters (=) for 1 authentication, BASE64 padding characters support is added in 2. The server nonce, client nonce and base64 hash are separated by a colon. Thirdly the client will send the server nonce, the client nonce and the base64 of the SHA265 hash of both nonces and and the API Key and send it to the server. Secondly the client must generate it s own client nonce (random for every authentication!). Authentication Authentication is relatively simple: firstly the client must request for an auth nonce from the server. The server is able to verify the hash and accept a session for this client. The API Key is never transmitted to NZBVortex, instead the client will calculate a SHA256 hash and send it to the server. ![]() Clients and / or users should configure or enter this pre-shared secret API key in the client so it is able to communicate with NZBVortex s API. This API key is a pre-shared secret key which is configured in NZBVortex. The API is protected by a so called API key. This setup is chosen because of end-users costs and easy setup. We are aware that the current default installation will use a self-signed certificate for HTTPS. ![]() The communication will take place using HTTPS. Introduction Basics NZBVortex Network API uses a REST like API using normal GET and POST HTTP operations for API calls which returns JSON. 25Ĥ Move NZB to bottom of queue! Download NZB next (move to second place)! Move NZB to specific index in queue! Speed Limit! Get current Speed Limit state! Enable Speed Limit! Disable Speed Limit! Sleep when done! Get current sleep when done state! Enable sleep when done! Disable sleep when done! Files! Get files for NZB id! States! NZB states! File states!. ![]() 9 Login / Get Session ID! App functions! Current! Application version! Get current download speed! WebUpdate (compiled stats)! NZB functions! Get all NZBs details! Get a details of a specific NZB! Add NZB via HTTP File Upload! Add a NZB via URL! Pause a NZB! Resume a NZB! Cancel a NZB! Delete a NZB! Pause all NZBs! Pause all NZBs (DEPRECATED)! Resume all NZBs! Resume all NZBs (DEPRECATED)! Cancel all NZBs! Delete all NZBs! Clear finished NZBs from Queue! Move NZB up one place in queue! Move NZB down one place in queue! Move NZB to top of queue!. 8 Request API functions! Authentication!. 7 WebUI source files / Your help wanted!!. 1.3 Improved network API, new BASE64 padding support authentication pauseall and resumeall deprecated Added NZB move API call documentation New functions added, some functions don t need authentication anymore 1.6 Added authentication example Api 2.2: specify download name and group name during add of NZBģ 1. ![]() 2 Revision NZBVortex version 1.0 Initial document version Fixed URL s and added Web chapter Fixed authentication base64 details, improved API documentation.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |