Skip to content
This repository has been archived by the owner on Dec 8, 2020. It is now read-only.

Request API key

Jump to bottom
MaurICT edited this page Apr 9, 2020 · 2 revisions

Request an API token

To get an API token, follow these steps: Redirect the user to https://stoverstag.nl/Register/Authenticate The URL allows the following parameters: appName and callbackUrl. Both are optional.

appName is the name of your application that will be displayed to the user. callbackUrl will be explained soon, be aware: MUST BE URL-ENCODED

Example usage: https://stoverstag.nl/Register/Authenticate?appName=YourAppName&callbackUrl=https%3A%2F%2Fexample.me%2FoverstagCallback

There are 3 ways to retrieve the token after the user gave permission:

1. Use callbackUrl: Enter the URL of your website. By example, Overstag will post the API token to your website in this format:

POST /overstagCallback?apiKey=xxxxxxxxxxxxx HTTP/1.1
Host: https://example.me
Content-Type: application/x-www-form-urlencoded
Content-Length: 20

apiKey=xxxxxxxxxxxxx

You can retrieve the token by reading out the url query or the form parameter. Be aware, your server must accept it as a HTTP POST!

2. Retrieve the header

If the user will authenticate via your application instead of a browser, you might be able to read out the response headers. You must not provide a callbackUrl if you use this method. The header looks like this:

200 OK
...
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
...
Api-Key: xxxxxxxxxxxxx

3. (Android) use Javascript Interface

If you are developing for android, (or another platform that implements a javascript interface) you can use this. The code examples are for Java, Android

  • Create a class that looks like this:
public class YourCustomJSInterface {
    @JavascriptInterface
    public void allow(String apiKey) {
        //Store your api key
    }

    @JavascriptInterface
    public void discard() {
        //Your handler for when the user discards permission
    }
}
  • Create a WebView in your application, and add the javascript interface:
WebView webView = findViewById(R.id.myWebView);
//Enable javascript and DOM storage, Important: without this the Overstag website will not work
webView.getSettings().setJavaScriptEnabled(true);
webView.getSettings().setDomStorageEnabled(true);

webView.addJavascriptInterface(new YourCustomJSInterface(), "Android"); //<-- Add javascript interface
webView.loadUrl("https://stoverstag.nl/Register/Authenticate?appName=YourAppName&callbackUrl=ANDROID"); //<-- Notice callback url = ANDROID

Make sure that the callbackUrl paramater equals ANDROID. This trick will make the website to call your javascript interface

Make sure you store the apiKey in your application, we will need it when we are going to call the API!

Clone this wiki locally