Checksum body
In every send request (GetBalance, Bet, Settle, etc.). RoyalGaming always sent “checksum” to check if body has been modified on the way (Use HMAC-SHA1 for hash data)
Example body request
Get balance
{
"user_id": "lnwbet888",
"checksum": "71ad677f234e8b61f57148a2e6e5d2fc708406ce"
}PlaceBet / Settle / BetNSettle / etc.
{
"txns": [
{
"txn_id": "abc-12345-xxx-yyy-zzz",
"txn_ref_id": null,
"txn_type": "BET",
"user_id": "lnwbet888",
"bet_id": "101-0-1234567890-abc",
"game_code": "arch-lnw-1234",
"pay_in": 0,
"pay_out": 100,
"game_info": {}
}
],
"checksum": "0a32c5a11ae0eb7e6b3e8e20d7725896eb5ab263"
}How I can validate checksum is valid
- Please remove “checksum” field before hash.
- Example before:
{
"user_id": "aabbcc",
"checksum": "aabbcc" // Remove this
}- Example after:
{
"user_id": "aabbcc"
}- Use your “API key” is “Secret key” for hashing (Ex (NodeJS):
createHmac("sha1", "<YOUR_API_KEY>")) - Convert hash to “hex” (Base16) to validate
32b9f20ebb022218e26268e078dc6753- Validate hashed is match or not
NOTE: If not match. Please response to RoyalGaming in format this
{
"code": 6,
}Example code (NodeJS)
const crypto = require('crypto');
// Example secret key
const secretKey = "very_very_secret_key"
/**
*
* @param {{ [key: string]: any; checksum: string; }} body
* @param {string} secret
* @returns {boolean}
*/
function checksumValid(body, secret) {
// Checksum
const hashed = crypto
.createHmac('sha1', secret)
.update(
JSON.stringify({
...body,
checksum: undefined,
}),
)
.digest('hex');
return body.checksum === hashed;
}
// Validate
const isValid = checksumValid(
{
txns: [
{
txn_id: 'abc-12345-xxx-yyy-zzz',
txn_ref_id: null,
txn_type: 'BET',
user_id: 'lnwbet888',
bet_id: '101-0-1234567890-abc',
game_code: 'arch-lnw-1234',
pay_in: 0,
pay_out: 100,
game_info: {},
},
],
checksum: '0a32c5a11ae0eb7e6b3e8e20d7725896eb5ab263',
},
secretKey,
)
console.log(
`Result valid checksum: `,
isValid
);Last updated on