Truvideo Core SDK

This Plugin demonstrates the integration of the TruvideoCoreSdk for authentication and platform-specific functionality. It includes features such as authentication, authentication status checking, and clearing authentication.

Supported Platforms

  • Android
  • iOS

Features

  • Authenticates using API Key and Secret Key
  • Authenticates using generated OTP
  • Checks authentication status
  • Clears authentication

Requirements

  • API Key & Secret Key: Required for authentication
  • Authentication Signature: Required when requesting an OTP from the backend API
  • TruvideoCoreSdk Plugin: Must be properly installed and configured in your Flutter project

Setup

  1. Add TruvideoCoreSdk Plugin to your project.
  2. Install dependencies using: 
    flutter pub get
  3. Replace the placeholders with actual API keys: 
    final String apiKey = "YOUR_API_KEY"; // Replace with your API Key
final String secretKey = "YOUR_SECRET_KEY"; // Replace with your Secret Key
  4. Run the app: 
    flutter run

Authentication Process

  1. Generates a payload for authentication
  2. Uses SHA256 HMAC to sign the payload
  3. Authenticates using TruvideoCoreSdk.authenticate()
  4. Updates authentication status

OTP Authentication Process

  1. Build the OTP generation request body with the external ID.
  2. Generate X-AUTHENTICATION-SIGNATURE as an HMAC-SHA256 signature of the exact request body using your Secret Key.
  3. Call the OTP generation API with your API key, signature, and external ID.
  4. Read the otp value from the API response.
  5. Pass that OTP to TruvideoCoreSdk.authenticateWithOtp().
  6. Check TruvideoCoreSdk.isAuthenticated() to confirm the session.

Code Overview

Ckeck Authentication Status

isAuthenticated()

  • Returns true or false indicating whether the client is authenticated.
Future<bool> checkAuthenticationStatus() async {
  bool isAuthenticated = await TruvideoCoreSdk.isAuthenticated();
  return isAuthenticated;
}

Authentication process

Future<void> authenticate() async {
  try {
    String payload = await TruvideoCoreSdk.generatePayload();
    String signature = toSha256String(secret: secretKey, payload: payload) ?? '';

    await TruvideoCoreSdk.authenticate(
      apiKey: apiKey,
      signature: signature,
      payload: payload,
      externalId: "",
    );

    final isAuthenticated = await TruvideoCoreSdk.isAuthenticated();
  } catch (e) {
    print('Authentication failed: $e');
  }
}

Generate OTP API

  • Method: POST
  • BASE-URL: https://sdk-mobile-api.truvideo.com
  • ENDPOINT: /api/v1/auth/otp/generate
  • Required headers:
    • x-authentication-api-key: {{X-AUTHENTICATION-API-KEY}}
    • x-authentication-signature: {{X-AUTHENTICATION-SIGNATURE}}
    • Content-Type: application/json
  • Signature:
    • Generate X-AUTHENTICATION-SIGNATURE using HMAC-SHA256.
    • Use your Secret Key as the HMAC key.
    • Use the exact JSON request body as the payload/message.

Sample signature generation:

final requestBody = jsonEncode({'externalId': externalId});
final signature = Hmac(
  sha256,
  utf8.encode(secretKey),
).convert(utf8.encode(requestBody)).toString();
  • Body:
{
  "externalId": "{{EXTERNAL-ID}}"
}

Successful response:

{
  "otp": "b-YOUR-OTP"
}

Error response example:

{
  "type": "about:blank",
  "title": "Bean validation error",
  "status": 401,
  "detail": "Unauthorized Access",
  "instance": "/api/v1/auth/otp/generate",
  "errors": "Invalid credentials"
}

curl example:

curl --location '{{BASE_URL}}/api/v1/auth/otp/generate' \
--header 'x-authentication-api-key: {{X-AUTHENTICATION-API-KEY}}' \
--header 'x-authentication-signature: {{X-AUTHENTICATION-SIGNATURE}}' \
--header 'Content-Type: application/json' \
--data-raw '{
  "externalId": "{{EXTERNAL-ID}}"
}'

Authentication with OTP

After you receive the OTP from the API, pass it to the SDK:

Future<void> authenticateWithOtp(String otp) async {
  try {
    await TruvideoCoreSdk.authenticateWithOtp(otp: otp);

    final isAuthenticated = await TruvideoCoreSdk.isAuthenticated();
    if (!isAuthenticated) {
      throw Exception('OTP authentication failed');
    }
  } catch (e) {
    print('OTP authentication failed: $e');
  }
}

Clear Authentication

  • To delete the current session and erase all associated authentication data, utilize the clearAuthentication method
Future<void> clearAuthentication() async {
  await TruvideoCoreSdk.clearAuthentication();
}

License

MIT

Support

If you have any questions or suggestions regarding the SDK, please contact us at support@truvideo.com.

Libraries

truvideo_core_sdk
truvideo_core_sdk_method_channel
truvideo_core_sdk_platform_interface