Initial Setup
Last updated on
Authorize access to AccelByte Cloud's API using the following steps:
- Ensure that you have created a User and a Game Client in the Admin Portal.
- Open the IAM Swagger page from the OAuth2 authorize API: /iam/v3/OAuth/authorize. A Request ID will be generated.
- Log in using the user_name and password from the Authentication API: /iam/v3/authenticate. Input the Request ID generated in the previous step. If the request succeeds, you will receive an authorization code which will be used in the next step.
- Generate the user token using the authorization code from the OAuth2 Access Token Generation: /iam/v3/oauth/token. If the request succeeds, you will receive a user token which will be used in Step 2.
- Generate an OAuth Client token using client_credentials from the OAuth2 Access Token Generation: /iam/v3/oauth/token. If the request succeeds, you will receive an OAuth Client token which will be used when implementing functions related to the DSMC.
Validate the user's request by extracting the authorization header value Bearer Auth Token from the user's request.
# 02. Extract the Bearer Auth Token from the Authorization header.
authorization = str(event.get("headers").get("Authorization"))
bearer_auth_token, error = extract_bearer_auth_token(authorization)
if error:
return error
log_done("extract Bearer Auth Token")Convert the Bearer Auth Token you obtained into an instance of OauthmodelTokenResponseV3.
# 03. Convert Bearer Auth Token into an OAuth Token object.
oauth_token, error = convert_bearer_auth_token_to_oauth_token(bearer_auth_token)
if error:
return error
log_done("convert Bearer Auth Token")Create a Redis client to connect to the Elasticache for Redis to store matchmaking requests.
# 04. Create Redis Client.
redis_client = create_redis_client(env.redis_host, env.redis_port)
log_done(f"create redis client ({redact(f'{env.redis_host}:{env.redis_port}')})")Create an instance of an IAM Client of the IAM-Python-SDK and use it to validate the OAuth Token and its Permissions and Claims.
# 05. Create IAM Client.
iam_client = create_iam_client(env.iam_base_url, env.iam_client_id, env.iam_client_secret)
log_done("create IAM client")
# 06. Validate IAM Client locally.
error = validate_iam_client_locally(iam_client)
if error:
return error
log_done("validate IAM Client locally")
# 07. Grant IAM Client an Access Token.
error = grant_iam_client_access_token(iam_client)
if error:
return error
log_done("grant IAM Client an Access Token")
# 08. Validate Access Token.
error = validate_access_token(iam_client, bearer_auth_token)
if error:
return error
log_done("validate Access Token")
# 09. Validate permissions.
error = validate_permissions(iam_client, bearer_auth_token, oauth_token)
if error:
return error
log_done("validate permissions")
# 10. Parse and validate claims.
claims, error = validate_claims(iam_client, bearer_auth_token)
if error:
return error
log_done("parse and validate claims")
user_id = claims.Sub
namespace = claims.NamespaceInitialize the AccelByte Python SDK and use it to store the OAuth Token.
# 11. Initialize the AccelByte Python SDK.
accelbyte_py_sdk.initialize()
# 11.a. Create IAM ConfigRepository and TokenRepository
iam_config_repo = MyConfigRepository(env.iam_base_url, env.iam_client_id, env.iam_client_secret)
iam_token_repo = MyTokenRepository(oauth_token)
iam_token_repo.store_token(oauth_token)
# 11.b. Create Game ConfigRepository and TokenRepository
game_config_repo = MyConfigRepository(env.game_base_url, env.game_client_id, env.game_client_secret, env.game_namespace)
game_token_repo = MyTokenRepository(None)
# 11.c. Store the 2 different pairs of repositories
global IAM_REPO, GAME_REPO
IAM_REPO = iam_config_repo, iam_token_repo
GAME_REPO = game_config_repo, game_token_repo