Forum Discussion

soporte's avatar
soporte
Visitor
9 years ago

BRIGHTSCRIPT: ERROR: ParseJSON: Data is empty with url https

Hello everyone, 
I want to implement ssl and I have this error

Url verifyuser with https gives me this error: data empty
With only http  works fine 


------ Running dev 'app tv' main ------

Url verifyuser = https://mychanneltest.com/RokuDev/verify_user.php?user=test&pass=test&idu=1GN63R123456&d=Roku%203
BRIGHTSCRIPT: ERROR: ParseJSON: Data is empty: pkg:/source/conexionserver.brs
(228)



function verify_user(user As String, pass As String) As Object
    request = CreateObject("roUrlTransfer")
    user = getStrValFromReg("user_apptv", "data_apptv")
    pass = getStrValFromReg("pass_apptv", "data_apptv")
    url = UrlServer()+"/RokuDev/verify_user.php?user=" + urlencode(user) + "&pass=" + urlencode(pass) + "&idu=" + GetDeviceESN() + "&d="+ urlencode(device())
    print "Url verify_user = "; url
    ba = CreateObject("roByteArray") 
    ba.FromAsciiString(user+":"+pass) 
    request.AddHeader("X-Roku-Reserved-Dev-Id", "6874f4tg626d99c29b30a689254ed2baa6252g11")
    request.AddHeader("X-Content", ba.ToBase64String())    
    request.SetUrl(url)
    html = request.GetToString()
    data = html.Trim() 
    json = ParseJSON(data)                                                      

    if json <> invalid then
        'print "data = "; json.mensaje
        return json
    else
        return []
    end if

End Function


I read that I have to add in apptv the certificate file (pkg: /cert/cert.pem) 

I have these 3 files on my server
Which of these 3 files do I need to add ?

        SSLCertificateKeyFile /etc/ssl/ssl.key/michannel.key
        SSLCertificateFile /etc/ssl/ssl.crt/d2a8843b0a103367.crt
        SSLCertificateChainFile /etc/ssl/ssl.crt/gd_bundle-g2-g1.crt

Do I need to add a special roku certificate? 
And if so, where do I download it (In sdk I did not find it)? 

thanks in advanced ¡
Roku Developer Program

5 Replies

  • destruk's avatar
    destruk
    Streaming Star
    9 years ago
    Right, keep using the serial number to verify your users...
  • soporte's avatar
    soporte
    Visitor
    9 years ago
    "destruk" wrote:
    Right, keep using the serial number to verify your users...

    It is correct, I want to continue to use the serial number to verify  users only with ssl
    thanks for your help destruk 
    please someone who realy want help me with this topic

    Hello everyone, 
    I want to implement ssl and I have this error
    Url verifyuser with https gives me this error: data empty
  • NB_'s avatar
    NB_
    Roku Guru
    9 years ago
    The reason you shouldn't rely on device ID is because people buy new players and give away the old ones, so the unit S/N is not 1:1 mapping to account. Instead it is better to store a token in the registry when initially the device is linked to account and pass that. The registry would be deleted on factory reset or channel deletion, resulting in auto-unlinking of the device.

    If i remember, there is no default certificates file, so you have to provide one yourself setCertificatesFile() (that may have changed - s/o correct me?):
    video.Addheader("x-roku-reserved-dev-id", "") ' please re-read docs on this, 2nd param ignored for x-roku-reserved-dev-id' 
    video.SetCertificatesFile("pkg:/source/testCA.CRT")
    video.InitClientCertificates()
  • belltown's avatar
    belltown
    Roku Guru
    9 years ago
    "soporte" wrote:

    please someone who realy want help me with this topic

    Hello everyone, 
    I want to implement ssl and I have this error
    Url verifyuser with https gives me this error: data empty


    After creating the roUrlTransfer object you need to call SetCertificatesFile on that object, specifying a file containing the certificate chain (bundle) used to verify your server certificate.

    If your server certificate is signed by a well-known, trusted certificate authority, then you can use Roku's standard certificate file as follows:

    request.SetCertificatesFile("common:/certs/ca-bundle.crt")

    If your server certificate is signed by other Root/Intermediate CAs, then you need to supply your own certificate file containing the certificate chain used to verify your server certificate. I'm guessing that in your case it would be the SSLCertificateChainFile: /etc/ssl/ssl.crt/gd_bundle-g2-g1.crt. If so, copy that file into your Roku channel's package directory, e.g. into a folder named certs, and specify the location of the file as follows:

    request.SetCertificatesFile("pkg:/certs/gd_bundle-g2-g1.crt")

    The bundle file should be in PEM format, i.e. a base-64 encoded text file containing a concatenation of certificates with each certificate surrounded by:

    -----BEGIN CERTIFICATE-----
    -----END CERTIFICATE-----

    Note, you don't need to call InitClientCertificates() unless your server is configured to verify that the requests are coming from an actual Roku device (Client Authentication). If your server does perform this check, then you'd also need to copy the Roku Corp's SDK public key file, cacert.pem, into your server. Similarly, there is no need to call AddHeader("X-Roku-Reserved-Dev-Id") unless your server explicitly needs to check the developer id.
  • destruk's avatar
    destruk
    Streaming Star
    9 years ago
    If you are making channels to make money, then securing your users' financial information ought to be high on your list of priorities.  HTTPS is alright for transactions, however, to give the keys away with the store relying on the serial number, mac id, or other static information that can't be wiped from the device itself is stupid.  Maybe you should add a disclaimer stating that their credit cards and identifying information will be permanently attached to their roku device - I'm sure letting them know would be appreciated.