From 7b5939c5f56a5754b93ec023af88165dea2680c8 Mon Sep 17 00:00:00 2001 From: Bottersnike Date: Tue, 28 Mar 2023 02:03:18 +0100 Subject: [PATCH] ALL.Net auth --- templates/pages/sega/network/auth.html | 3 + templates/pages/sega/network/~allnet.md | 2 +- templates/pages/sega/network/~auth.md | 149 ++++++++++++++++++++++++ 3 files changed, 153 insertions(+), 1 deletion(-) create mode 100644 templates/pages/sega/network/auth.html create mode 100644 templates/pages/sega/network/~auth.md diff --git a/templates/pages/sega/network/auth.html b/templates/pages/sega/network/auth.html new file mode 100644 index 0000000..1ed6989 --- /dev/null +++ b/templates/pages/sega/network/auth.html @@ -0,0 +1,3 @@ +{% extends "sega.html" %} {% block title %}ALL.Net Service{% endblock %} {% block body %} +{% markdown %}{% include relative("~auth.md") %}{% endmarkdown %} +{% endblock %} \ No newline at end of file diff --git a/templates/pages/sega/network/~allnet.md b/templates/pages/sega/network/~allnet.md index 9d32a7c..671cd9a 100644 --- a/templates/pages/sega/network/~allnet.md +++ b/templates/pages/sega/network/~allnet.md @@ -4,7 +4,7 @@ ALL.Net, short for Amusement Linkage Live Network, is SEGA's standadised arcade The ALL.Net model is compresed of four networked services: -1. ALL.Net itself. This is `naominet.jp`, and handles basic operations. +1. [Authentication](./auth). This is `naominet.jp`, and handles basic operations. 2. The billing service. This is `ib.naominet.jp`, and handles tracking and updating play counters. 3. AiMeDB. This is `aime.naominet.jp`, and handles user management. 4. The title server. The URL for this is provided by ALL.Net, as different games use different services for this. diff --git a/templates/pages/sega/network/~auth.md b/templates/pages/sega/network/~auth.md new file mode 100644 index 0000000..f689c5b --- /dev/null +++ b/templates/pages/sega/network/~auth.md @@ -0,0 +1,149 @@ +# ALL.Net Authentication + +The ALL.Net authentication service is divided into four primary categories. They are ordered in decreasing importance on this page. + +**This entire service is HTTP-only!** + +## Auth API +These four endpoints handle the primary functions of the ALL.Net authentication service. Requests and responses are sent as a url-encoded query-value string. + +Some endpoints make use of a mildly obfuscated version of this. When the `Pragma: DFI` header is present for a request or response, it indicates that the content is a base64 encoded, deflated, version of its real value. If a request was made with `Pragma: DFI`, the response will be too. + +All responses have the `Content-Type` of `text/plain; charset=%s`, where the charset is `EUC-JP` if unspecified in the request body. + +Requests can be made using both the `GET` and `POST` verbs, and function identically. + +### `/sys/servlet/PowerOn` +All requests to this endpoint **MUST** be DFI-encoded. The request is as follows: + +| Name | Required | Default | Meaning | +| ---------- | -------- | ------- | ---------------------------------------------------------------------------------------------------------------------- | +| game_id | Yes | | The four-digit game ID | +| ver | Yes | | The game version | +| serial | Yes | | The keychip serial number | +| ip | Yes | | The tenpo router IP address (%d.%d.%d.%d) | +| firm_ver | Yes | | The ALL.Net library version (a semantic version, formatted as %01d%02d%02d) | +| boot_ver | Yes | | Unknown. Just pass 0000. (%02X%02X) | +| encode | | EUC-JP | Request encoding. "EUC-JP", "Shift_JIS" and "UTF-8" are common, but be prepared to handle more. | +| format_ver | | 1.00 | Request format version. Parsed as a float, however "1.00", "2.00" and "3" are the only values that should be observed. | +| hops | | -1 | | +| token | | | Added in format 3, this value is echoed in the response. | + +Observed values for `firm_ver` are listed below, however other versions likely exist: + +- 0.01.00 +- 0.02.00 +- 2.00.07 +- 2.00.08 +- 2.01.02 +- 3.00.00 +- 3.00.01 +- 3.00.02 +- 3.00.03 +- 3.00.04 +- 3.00.05 +- 3.00.09 +- 5.00.00 +- 6.00.00 + +The server should then use the provided information to authenticate the machine as it sees fit, and will then return the information required for use of ALL.Net services. The response structure varies depending on the format version in use. + +| Name | Required | Default | Version added | Final version present | Meaning | +| --------------- | -------- | ------- | ------------- | --------------------- | ------------------------------------------------------------------------------- | +| stat | Yes | | | | Success: `1`, Game failure: `-1`, Machine failure: `-2`, Location failure: `-3` | +| uri | Yes | _empty_ | | | Title server URI1. Will be empty if stat<=0 | +| host | Yes | _empty_ | | | Title server hostname1. Will be empty if stat<=0 | +| place_id | | | | | ALL.Net location ID | +| name | | | | | ALL.Net location name | +| nickname | | | | | ALL.Net location nickname | +| region0 | Yes | `0` | | | Region information. | +| region_name0 | Yes | _empty_ | | | | +| region_name1 | Yes | _empty_ | | | | +| region_name2 | Yes | _empty_ | | | | +| region_name3 | Yes | _empty_ | | | ^ | +| country | | | 2 | | ALL.Net 3-character country code | +| allnet_id | | | 3 | | | +| client_timezone | Yes | _empty_ | 3 | | Example `+0900` | +| utc_time | Yes | | 3 | | `yyyy-MM-dd'T'HH:mm:ss'Z'` | +| res_ver | Yes | | 3 | | Will always be the literal `3` | +| token | Yes | | 3 | | The token from the request | +| year | Yes | | | 2 | Current time | +| month | Yes | | | 2 | | +| day | Yes | | | 2 | | +| hour | Yes | | | 2 | | +| minute | Yes | | | 2 | ^ | +| timezone | Yes | | 2 | 2 | Will always be the literal `+09:00` | +| res_class | Yes | | 2 | 2 | Will always be the literal `PowerOnResponseVer2` | +| setting | Yes | | | | Machine setting. `1` indicates the machine is OK, and should always be set. | + + +1. The hostname (if) present in `uri` is used for name resolution. The value in `host` is passed to the title server in the `Host` header, and can be utilised as an extra authentication step. + +### `/sys/servlet/Alive` +There is no request for this endpoint. The response is the two bytes `OK` (that is, `Content-Length: 2`). + +### `/sys/servlet/DownloadOrder` +All requests to this endpoint **MAY** be DFI-encoded. The request is as follows: + + +| Name | Required | Default | Meaning | +| ------- | -------- | ------- | ----------------------------------------------------------------------------------------------- | +| game_id | Yes | | The four-digit game ID | +| ver | Yes | | The game version | +| serial | Yes | | The keychip serial number | +| ip | Yes | | The tenpo router IP address (%d.%d.%d.%d) | +| encode | | | Request encoding. "EUC-JP", "Shift_JIS" and "UTF-8" are common, but be prepared to handle more. | + +The response is: + + +| Name | Required | Default | Meaning | +| ------ | --------------- | ------- | ---------------------------------------------------------------------------------------------------------------- | +| stat | Yes | | Machine setting | +| serial | 1 | | `,`-seperated list of the serial numbers of machines in the same store with the same game and machine group IDs. | +| uri | Yes1 | `null` | Download order URI(s) | + +1. Omitted if `stat` is not `1`. + +`uri` can contain both an app download order url, and an option image download order url. The two are concatinated, with the option image having `|` prefixed. That is, if only an option image is available, this will take the obscure-looking value of `|https://url.to/opt`. + +### `/sys/servlet/LoaderStateRecorder` +All requests to this endpoint **MUST NOT** be DFI-encoded. The request is as follows: + + +| Name | Required | Meaning | +| --------- | -------- | ---------------------------------- | +| serial | Yes | The keychip serial number | +| dvd | Yes | | +| net | Yes | | +| work | Yes | | +| old_net | Yes | | +| deliver | Yes | | +| nb_ftd | Yes | Number of files to download | +| nb_dld | Yes | Number of files downloaded | +| last_sysa | Yes | Last authentication unix timestamp | +| sysa_st | Yes | Last authentication state | +| dld_st | Yes | Download state | + +The response is either `OK` if the request was formatted correctly, otherwise `NG`. + +## Report API +Used to report download status for an ongoing network-based game delivery, this category contains just a single endpoint. + +### `/sys/servlet/Report` + +## Title API +These legacy endpoints are used to request title-specific information. I've not seen any games use these, and they're a low priority for documentation. + +### `/sys/servlet/GetMachineList` +### `/sys/servlet/GetPlaceList` +### `/sys/servlet/GetRegionList` +### `/sys/servlet/MachineTable` +### `/sys/servlet/PlaceRegionTable` +### `/sys/servlet/PlaceRegionTableAll` + +## Admin API +These endpoints are used for ALL.Net system administration and are not of interest. Their endpoints are recorded here for prosperity. Custom network authors should consider implementing their own administration functionality however best suits their architecture. + +### `/sys/servlet/AdminRegister` +### `/sys/servlet/AdminView`