Hive Authentication Services - Microsoft .NET apps integration
More and more applications integrate HiveAuth as an authentication method.
The major advantage of this integration is that it makes your application usable by all users with a Hive account, both on desktop and mobile.
In addition, HiveAuth avoids users having to provide their private key, which reinforces the feeling of trust in your application.
Using HiveAuth with Microsoft .NET
Several users have contacted me for advice on integrating HiveAuth into their applications developed with Microsoft.NET languages. One of them was @nathansenn. He already made the HiveAuth integration into @dbuzz but now wanted to be able to use it with Unity, a real-time 3D development platform for building 2D and 3D applications, like games and simulations, using .NET and the C# programming language.
It goes without saying that having the possibility for players to authenticate themselves in their favorite games using only their Hive username, without having to provide a password, would be a revolution in the gaming industry and a serious booster for the recognition of our platform.
Although integrating HiveAuth is really child's play thanks to its extensive technical documentation, one of the developers who contacted me encountered a major difficulty: the difference in the encryption process between certain programming languages.
Cross-development-language Encryption can be tricky
To perform encryption/decryption, HiveAuth relies on the AES encryption specification and uses two functions from the CryptoJS library:
const encrypted = CryptoJS.AES.encrypt(message, password);
const decrypted = CryptoJS.AES.decrypt(encrypted, password);
Pretty simple, isn't it?
Not quite, because to perform encryption AES does not require a password, but an encryption key (key) AND an initialization vector (iv). You can read more about it on this page.
However, as you can see in the code above, CryptoJS does not use a key/IV pair but a simple "password". The trick is that CryptoJs derives a 32-byte long encryption key for AES-256 and a 16-byte long initialization vector (iv) from the "password", then encrypts the "Message" using this key and iv. So, technically speaking, the "password" is not really a password or encryption key but rather a seed.
And the problems arise when you realize that the .NET encryption libraries don't provide similar functionality!
This work will not have been useless because hardly had I finished my friend @brianoflondon contacted me, facing the same problem in his work of integrating HiveAuth into one of his projects written in Python.
.NET HiveAuth integration is (now) really easy
string encrypted = CryptoJS.Encrypt(message, password);
string decrypted = CryptoJS.Decrypt(encrypted, password);
To facilitate the work of .NET developers, I provide them with an example of HiveAuth integration in a very simple C# Windows Application project.
The CryptoJS.cs class and demo project are open-source and available on Github.
The project contains a (very) simple app with just a login form:
After entering your username and clicking on the button, it will display a QR code that you can scan with Keychain Mobile
You just have to open Keychain, scan the code and approve the authentication request. Keychain will then display an approval form where you can accept or decline the authentication request:
If you approve the authentication, Keychain will confirm it and send the authentication approval to the application.
The application then receives this confirmation with a session token that will allow it to later interact with the HiveAuth node to send transaction requests.
Thanks to this concise example, it will only be easier for any .NET developer to integrate HiveAuth as an authentication method in their applications.
Source code, documentation and support
As mentioned at the beginning of the article, the source code for this sample, as well as other sample codes and libraries you can use to make your job easier, is available on Github.
The HAS documentation has been updated with references to this new example.
Finally, if you need help integrating HiveAuth into your (d)Apps, support is provided on discord