Introduction¶
Overview¶
Acrobits VoIP apps can be configured to call web services to add new features to the app. These web services are typically implemented by VoIP provider. Some typical examples are:
balance checker: returns current credit for the registered used, which is then shown in the app
web callback: tells the provider to call a local number and a destination number and connect those two calls
etc.
Web Service Definition¶
The apps need to know where the web service is located and how it should be called. The web service is typically defined
using a group of XML nodes, whose names have common prefix followed by field specifier. The node names follow camelCase
notation. The “Prefix” specifies the type of web service, for example genericRateCheck
or genericMediaUpload
.
The list of supported XML nodes follows:
PrefixUrl
¶
The URL of the web service, including the query string. The scheme of the URL must be either
http
orhttps
.Example:
https://example.com/endpoint?username=%account[username]%&password=%account[password]%
PrefixPostData
¶
Body of the web service request. It is not use in case
GET
request method is selected. The content type of the body should match the value specified inPrefixContentType
parameter, which should always be set.Example:
username=%account[username]%&password=%account[password]%
PrefixContentType
¶
The contents of Content-Type header which the app will use to send the request. If empty,
application/x-www-form-urlencoded
will be used by default.
PrefixMethod
¶
HTTP method to use for this web service. Defaults to
GET
. Possible values areGET
,POST
,PUT
,HEAD
andDELETE
.In case the method is not specified, the app will use GET in case
PrefixPostData
are empty, otherwise it will usePOST
.
PrefixAuthUsername
, PrefixAuthPassword
¶
If set, the app will use Digest HTTP authentication with these credentials.
PrefixCustomHeaders
¶
Contains list of additional HTTP headers to be sent along with the request. Multiple headers may be specified, separated by a newline character (n).
Example:
Header1: Value1\nHeader2: Value2
PrefixTimeout
¶
Specifies custom timeout. If the response does not arrive within this timeout, the request it terminated with failure. The default is 30 seconds.
Note that only the PrefixUrl
field is always required; it is sufficient to describe a basic GET
request.
Url, ContentType and PostData are enough to define a basic POST
request.
Parameters¶
Parameters are passed to web services via template strings. These template strings contain variables enclosed in percent characters. The apps try to interpret these variables and replace them with actual values.
The parameters have different scopes, described below.
Global parameters¶
These parameters are always available and can be used for any web service. Here is a list of them.
%installid%
A unique identifier of the app installation. This value is created when the app is ran for the first time on the given device and survives app updates. It is lost when the app is uninstalled.
%appid%
Application’s identifier. It is the bundle id for iOS apps and package id for Android. Typically the reverse-domain is used for this identifier, like
com.provider.appname.ios
.Warning
Starting iOS 16.4, the MCC and MNC parameters are no longer available. Devices running iOS 16.4 or later will report an empty string for these parameters.
Warning
The MCC and MNC parameters are accessible on Android devices only after the user grants the Phone permission to the app. If the user denies the permission, the MCC and MNC parameters will be empty strings.
%mcc%
Mobile country code, read from the SIM card. In case of dual-sim phone, it is read from currently selected SIM. Empty string when the information is not available. See Mobile Country Codes (MCC) and Mobile Network Codes (MNC) for known values.
%mnc%
Mobile network code, read from the SIM card. It identifies network operator who issued the SIM. See the point above for link to documentation.
%uniqueid%
Device unique identifier. This identifier is bound to the device and should survive app updates and even removal / re-install of the app. Because of iOS privacy policy, this may not work reliably on iOS devices.
%build%
Build number of the app which sends the request.
%platform%
The platform of the client. For example, “iOS” or “Android”.
%platformversion%
The version of platform. For example, “9.2.3”.
%version%
The version of the app which is sending the request.
%appname%
The (possibly localized) name of the application.
%locale%
The current locale the app is using. For example:
en-us
,de-de
etc.%localTime%
The local time of the user as reported by the OS. Formatted according to RFC3339.
%utcTime%
The Coordinated Universal Time as reported by the OS. Formatted according to RFC3339.
%cpu%
CPU type of the device where the app is running.
%device%
Identifier of the type of device where the app is running. This identifier is taken from the mobile OS, the values are for example
iPhone6,2
,GT-I9100
etc.%campaignTrackingUrl%
Google campaign identifier. In case the user installed the app from an ad campaign, this variable will contain the campaign id. For technical details, see Google Documentation.
Note: this is only available on Android, iOS apps will always return empty string.
%productionBuild%
For Cloud Softphone white-label apps, this parameter will be
1
in case of production builds and0
othwewise. This makes it possible to distinguish testing and production builds. Generic Cloud Softphone, as well as Softpohne and Groundwire apps will always have this parameter set to1
.
Account parameters¶
Available for web services which are related to a SIP account (which is most of them). Account information is stored in account XML format and any node from this XML can be used as a parameter.
These parameters are specified as %account[KEY]%
, where KEY is one of the identifiers described in
Account XML document.
https://example.com/script?user=%account[username]%&password=%account[password]%
Warning
The apps will never send account password (%account[password]%
) over unencrypted connection. You need to use
HTTPS scheme in order to be able to pass the password parameter.
If you can’t use HTTPS for any reason, check the sha1 and nonce Functions with examples below.
Service-specific parameters¶
These are defined per-web service and are used to provide the task-specific information the web service needs. They are described in detail in the specific web-service documentation.
Functions¶
Parameters can be transformed using several builtin functions. The format to specify function in the parameter template string is:
%function(parameter)%
Supported functions are:
lower
Converts the argument to lowercase.
%lower(%account[username]%)%upper
Converts the argument to uppercase.
%upper(%account[username]%)%store
defines a new named parameter and stores its value for later use. This function generates no output into the final string - it’s replaced by empty string.
%store(name=%account[username]%)%load
loads a previously stored parameter and puts its value to output, or uses it as an argument to another function.
%load(name)%sha1
Returns SHA-1 hash of the argument. The example below outputs SHA-1 hash of account password.
%sha1(%account[password]%)%md5
Returns MD5 hash of the argument. The example below outputs MD5 hash of account password.
%md5(%account[password]%)%base64
Returns the argument base64-encoded. The example below outputs Basic Authorization header:
Authorization: Basic %base64(%account[username]%:%account[password]%)%nonce
generates a random string of characters from the following alphabet:
0123456789abcdefghijklmnopqrstuvwyz
. Length of the string is specified via parameter.%nonce(8)%The example below generates a salt and puts salted SHA-1 hash of account password into output string and demonstrates combined use of store, load, nonce and sha1 functions.
%store(salt=%nonce(8)%)%salt=%load(salt)%&hashedPassword=%sha1(%load(salt)%:%account[password]%)%
Web Service Responses¶
The response is naturally web-service specific, but there are some common points. The apps will recognize responses in any of the following Content-Types:
application/xml
application/json
application/x-www-form-urlencoded
In case no Content-Type header is present in the response, the app will try to parse the response body as XML document.
The response is considered successful if the following conditions are met:
HTTP response code is
2xx
or304
The response body can be parsed from the format specified by Content-Type header
In case the response code is not one of the success response codes mentioned above, the app will still try to parse the body and if it succeeds, it tries to find a field “message” in the body. If present, it will take the contents of this field and show it as an error message to the user.
In case the “message” field is not found, the app takes first 100 characters of the raw response body and shows that to the user instead.
Note
It’s highly recommended to put “message” field into your error responses. In case you want to show localized messages, you can pass the current device language via %locale% parameter in your request and choose the localized version based on this information.
Example Error Responses:¶
HTTP/1.1 403 Forbidden Date: Sun, 15 Mar 2015 00:46:17 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding Content-Length: 123 Content-Type: application/xml Keep-Alive: timeout=5, max=100 Connection: Keep-Alive <error><message>You are not allowed to do this</message></error>HTTP/1.1 403 Forbidden Date: Sun, 15 Mar 2015 00:46:17 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding Content-Length: 123 Content-Type: application/json Keep-Alive: timeout=5, max=100 Connection: Keep-Alive {"message" : "You are not allowed to do this"}HTTP/1.1 403 Forbidden Date: Sun, 15 Mar 2015 00:46:17 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Encoding Content-Length: 123 Content-Type: application/x-www-form-urlencoded Keep-Alive: timeout=5, max=100 Connection: Keep-Alive message=You%20are%20not%20allowed%20to%20do%20this