Dealing with API return
Dealing with API return
Dealing with API return
Dealing with API return
Dealing with API return
Dealing with API return Dealing with API return Dealing with API return Dealing with API return Dealing with API return Dealing with API return Dealing with API return Dealing with API return
Dealing with API return Dealing with API return
Dealing with API return
Go Back  Xtreme Visual Basic Talk > > > Dealing with API return


Reply
 
Thread Tools Display Modes
  #1  
Old 11-05-2015, 03:52 PM
miki_1985 miki_1985 is offline
Freshman
 
Join Date: Aug 2004
Posts: 44
Question Dealing with API return


Hi,

Im looking at integrating my application with my eCommerce API to verify licenses and activate my program against the API return (gets returned in JSON)

I have the code all working & can confirm that im receiving the correct values back from the API - in plain text.

At present i am getting the value returned from the above and comparing it to the possible options that could be returned (valid, invalid, expired etc...).

Only problem with this (I think) is that in my code i essentially have a "if string-from-api = "valid" then load form, else exit" - storing the value that is required to load the form in the code itself. can i do this a better way / encrypt the expected string & store it elsewhere maybe?

or am i overthinking it & would it be easier just to obfuscate the entire project when completed?

Thanks
Mike.
Reply With Quote
  #2  
Old 11-06-2015, 12:07 PM
Cerian Knight's Avatar
Cerian KnightDealing with API return Cerian Knight is offline
Polymath (in disciplina)

Super Moderator
* Expert *
 
Join Date: May 2004
Location: Michigan
Posts: 4,199
Default

If I am concerned about security, I store a one-way hash value (of known matching valid return), comparing subsequent hash returns against the stored value. Therefore there is no string stored in code for the compare, but it does require the initial hash is authenticated before it is stored. This is minimal (even presuming a good one-way hash is used). In addition to that, obfuscation would bring you a step closer to preventing the 'if API stored hash = API return hashed' from being circumvented.
__________________
I got all the answers wrong on the GLAT, apparently even #9 (where I put a period in the middle of the box and labeled it 'singularity ripe for rapid inflation').
Reply With Quote
Reply

Tags
api, returned, code, load, form, valid, return, required, encrypt, storing, string-from-api, expected, integrating, exit, string, project, entire, obfuscate, completed, mike, easier, store, overthinking, application, ecommerce


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump

Advertisement:





Free Publications
The ASP.NET 2.0 Anthology
101 Essential Tips, Tricks & Hacks - Free 156 Page Preview. Learn the most practical features and best approaches for ASP.NET.
subscribe
Programmers Heaven C# School Book -Free 338 Page eBook
The Programmers Heaven C# School book covers the .NET framework and the C# language.
subscribe
Build Your Own ASP.NET 3.5 Web Site Using C# & VB, 3rd Edition - Free 219 Page Preview!
This comprehensive step-by-step guide will help get your database-driven ASP.NET web site up and running in no time..
subscribe
Dealing with API return
Dealing with API return
Dealing with API return Dealing with API return
Dealing with API return
Dealing with API return
Dealing with API return Dealing with API return Dealing with API return Dealing with API return Dealing with API return Dealing with API return Dealing with API return
Dealing with API return
Dealing with API return
 
Dealing with API return
Dealing with API return
 
-->