Version - 1.0.3-beta.3

Authentication Status

The Truvideo SDK provides two properties that serve to check the authentication status:

isAuthenticated() : Returns true or false indicating whether the client is authenticated. Please note that authentication may be expired.
isAuthenticationExpired() : Return true or false indicating whether the authentication is expired. If the client is not authenticated, it always returns false.

import 'package:truvideo_core_sdk/truvideo_core_sdk.dart';

bool isAuthenticated = await TruvideoCoreSdk.isAuthenticated();
bool isAuthExpired = await TruvideoCoreSdk.isAuthenticationExpired();

How to authenticate

The authenticate method requires the following inputs:

ApiKey: A string provided by Truvideo upon registration.
Payload: Essential data containing device information, generated internally using the generatePayload() function.
Signature: Encrypt the payload with the provided secret key using the SHA256 algorithm to regenerate the signature.

Upon completion, it triggers the onReady callback or the onError callback in case of an error.

Note
The API key and Secret key are provided by the TRUVideo SDK team.

Algorithm for encoding the signature

To encode the payload, utilize the following function for conversion: The string undergoes conversion using the SHA256 algorithm, incorporating the provided secret key.

import 'package:crypto/crypto.dart';

String? toSha256String({required String secret, required String payload}) {
  try {
     // Convert secret and payload to byte arrays
     List<int> secretBytes = utf8.encode(secret);
     List<int> payloadBytes = utf8.encode(payload);
     var hmacSha256 = Hmac(sha256, secretBytes);
     var macData = hmacSha256.convert(payloadBytes);
     return macData.toString();
   } catch (e) {
     debugPrint("Error generating SHA256 HMAC: $e");
     return null;
   }
 }

The syntax for utilizing this encoding process appears as follows:

 String signature = toSha256String(secret: secretKey, payload: payload) ?? '';

Note 
We suggest avoiding storing the secret within the host application. Instead, set up a private backend owned by you. This backend will handle the payload from the Truvideo SDK and generate the signature. By doing this, you can prevent the secret from being exposed, reducing the risk of security issues

Authentication process

import 'package:truvideo_core_sdk/truvideo_core_sdk.dart';

Future<void> authenticate() async {
  try {
      bool isAuthenticated = await TruvideoCoreSdk.isAuthenticated();
      bool isAuthExpired = await TruvideoCoreSdk.isAuthenticationExpired();
      String payload = await TruvideoCoreSdk.generatePayload();
      String signature = toSha256String(secret: secretKey, payload: payload) ?? '';

      // Authenticate with generated payload and signature
      if (!isAuthenticated || isAuthExpired ) {
        await TruvideoCoreSdk.authenticate(
          apiKey: apiKey,
          signature: signature,
          payload: payload,
          externalId: "",
          );
      }
      await TruvideoCoreSdk.initAuthentication();
    } catch (e) {
      debugPrint('Authentication failed: $e');
    }
}

Clear Authentication

To delete the current session and erase all associated authentication data, utilize the clearAuthentication method

await TruvideoCoreSdk.clearAuthentication();

This command will remove all authentication data and reset the session.

PreviousCore NextVersion - 0.0.1

Last updated 6 days ago

Was this helpful?