Verification of special offers (REST API)
You can execute the verification of special offers on the game server-side by using Game of Whales. In order to do this, you are just enough of using a value from payload property.
The payload is a special offer's data encrypted by using a secret key. The key can be taken from Payload Key field on Game Settings page. Game of Whales uses AES-256-CTR encryption algorithm with "hex" output encoding.
Payload structure
The payload has the following attributes:
Attribute
|
Description |
Type |
---|---|---|
camp |
special offer's identifier |
string |
custom |
the data about a special offer's custom fields. It's included to the payload only if the custom fields are defined. |
object |
product |
product (SKU or game items). |
string |
priceFactor |
price's multiplier (except in-app purchases). |
float |
countFactor |
count's multiplier (the multiplier is for the count of coins, for example). |
float |
finishedAt |
special offer's expiration time (in ticks). |
integer |
user |
player's identifier. |
string |
activatedAt |
the date of the special offer's activation by the player (in ticks). |
integer |
redeemable |
how many times the offer can be redeemed (only once or multiple times). |
boolean |
now |
time (in ticks) of sending of the response. |
integer |
Example:
{ "camp": "camp42", "custom": { "str": "abc", "num": 123, "flag": true }, "product": "item_01", "priceFactor": 2, "countFactor": 1, "finishedAt": 1550264340000, "redeemable": true, "activatedAt": 1550219230037, "user": "1234-5678-....-4321", "now": 1550219230037 }
Use case
The use case of using payload is as follows:
1. A client (your game’s code) receives a special offer from Game of Whales server and shows the offer in the game’s shop.
2. When a player tries to use the special offer, the client sends a request to your game server for applying this action on server-side and passes the payload.
3. The server decrypts the payload by using the secret key. The secret key can be taken in your game settings page on Game Of Whales service.
4. Server-side validation is processing:
4.1 It’s checked that the purchased product is the same as payload.product.
4.2 It's checked the expiration date. You can compare payload.finishedAt and server time.
4.3 In addition, other properties of the offer can be chacked (priceFactor, countFactor, etc.).
5. If point 4 is successful, the special offer can be applied to the player.
This case can be applied only if you want the validation process to be made on server-side.
Example of decryption on the server-side
(for nodejs)
decrypt = (encrypted, secretKey) => { const crypto = require('crypto'), decipher = crypto.createDecipher("AES-256-CTR", secretKey); let decrypted = decipher.update(encrypted, 'hex', 'utf8'); decrypted += decipher.final('utf8'); return decrypted; };