Validation API
Server side integration
Alternatively to standard validation SARD also provides an advanced way that could be used in cheater-heavy scenarios. This validation process is multi-phase and requires additional logic on client and server sides.
Validation process
Phase 1
- When player connects to game server, server provides sessionId to Game Client and SARD Server (later we call this sessionId sid_o) along with UserId as during normal validation process.
- Game Client calls SARD functions passing sid_o, and user_id
- sid_o and user_id are passed to SARD server
Phase2
- Sard sessionId (sid_s) is obtained by Game Client
- Game Client sends sid_s to Game Server
- Game Server makes an API call to SARD server with sid_s, sid_o and user_id
- Validation happens resulting in kick function in case of missmatch
Validation implementation
Client side
Below is code snippet of updated c++ library to work with advanced validation process.
- SardSetUserId - is a function to set userId for validation
- SardSetSessionId - is used to set sessionId generated by game server (we reffered to it as sid_o)
- SardGetSecureSession - is used to obtaind sard session Id (we reffered to as sid_s)
*W function may be used to provide wchar_t instead of char to functions
Code snippet
dllLoader.cpp
static HMODULE sard_lib = 0;
static void (*SardSetUserName)(const char*);
static void (*SardSetUserNameW)(const wchar_t*);
static void (*SardSetUserID)(const char*);
static void (*SardSetUserWID)(const wchar_t*);
static void (*SardSetSessionID)(const char*);
static void (*SardSetSessionWID)(const wchar_t*);
///@ call will be blocked until get ID from Sard server
static const char* (*SardGetSecureSessionID)();
static void (*SardFinalize)();
static void finish()
{
if (SardFinalize)
{
SardFinalize();
}
}
static void setUserName(const char* name)
{
if (SardSetUserName)
{
SardSetUserName(name);
}
}
static void setUserNameW(const wchar_t* name)
{
if (SardSetUserNameW)
{
SardSetUserNameW(name);
}
}
static void setUserID(const char* userID)
{
if (SardSetUserID)
{
SardSetUserID(userID);
}
}
static void SetUserWID(const wchar_t* userWID)
{
if (SardSetUserWID)
{
SardSetUserWID(userWID);
}
}
static void setSessionID(const char* sessionID)
{
if (SardsetSessionID)
{
SardsetSessionID(sessionID);
}
}
static void setSessionWID(const wchar_t* sessionWID)
{
if (SardsetSessionID)
{
SardsetSessionWID(sessionWID);
}
}
static const char* getSecureSessionID()
{
return SardGetSecureSessionID ? SardGetSecureSessionID() : NULL;
}
static void SardInit(const char* dllPath)
{
sard_lib = LoadLibraryA(dllPath);
if (sard_lib)
{
SardSetUserName = (void (*)(const char*)) GetProcAddress(sard_lib, "sardSetUserName");
SardSetUserNameW = (void (*)(const wchar_t*)) GetProcAddress(sard_lib, "sardSetUserNameW");
SardSetUserID = (void (*)(const char*)) GetProcAddress(sard_lib, "sardSetUserID");
SardSetUserWID = (void (*)(const wchar_t*)) GetProcAddress(sard_lib, "sardSetUserWID");
SardSetSessionID = (void (*)(const char*)) GetProcAddress(sard_lib, "sardSetSessionID");
SardSetSessionWID = (void (*)(const wchar_t*)) GetProcAddress(sard_lib, "sardSetSessionWID");
SardGetSecureSessionID = (const char* (*)()) GetProcAddress(sard_lib, "sardGetSecureSessionID");
SardFinalize = (void (*)()) GetProcAddress(sard_lib, "sardFinalize");
void (*SardInitialize)() = (void (*)()) GetProcAddress(sard_lib, "sardInitialize");
if (SardInitialize)
{
SardInitialize();
}
}
}
Server side
Validation request
curl -X POST https://validation.sard.ac/apb/api/ID/validate \
-H "Authorization: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
-H "Content-Type: application/json" \
-d '{"userId": "XXXX"
"serverSessionId": "YYYY"
"sardSessionId": "ZZZZ"}'