Idea

lisa avatar image
lisa suggested

Provide secure GameCenter login

It is recommended here that we not use LoginWithGameCenter because it is insecure. However, Apple has now provided a way for 3rd-party services to authenticate GameCenter credentials with generateIdentityVerificationSignature(). Since GameCenter is the easiest recoverable login option on iOS for the player, it would be nice if this offered the same amount of security as Google Play Games on Android.

Authentication
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

6 Comments

·
Justin avatar image
Justin commented

We are trying to iron out Authentication for our game release, but this has been a real issue for us.. Facebook is not ideal for setup. Any progress on this PlayFab/Microsoft?

2 comments
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

brendan avatar image brendan commented ·

Please see the replies in all the other threads where you have asked about this. We do have a backlog item to address this, but it is not available at this time.

0 Likes 0 ·
Justin avatar image Justin commented ·

Hoping this will be adopted in Q1 19' :)

0 Likes 0 ·
drallcom3 avatar image
drallcom3 commented

That would be soo good to have. Authentification on iOS is a real issue.

10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Niall Muldoon avatar image
Niall Muldoon commented

Hi,

Any update on when this work is planned?

Thanks!

1 comment
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

realmar avatar image
realmar commented

Yes please!

10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Andy avatar image
Andy commented

This has now been implemented. There is a new Signature parameter on the LoginWithGameCenter call that expects a signature returned from generateIdentityVerificationSignature. If you'd like, you can require this for all Game Center logins on your title by checking this box on the Apple Add-ons page in the PlayFab Game Manager:

15 comments
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

pixelsage avatar image pixelsage commented ·

Every time I check this box and save settings, it unchecks itself.

1 Like 1 ·
stefan avatar image stefan pixelsage commented ·

I have the same problem, did you find a solution?

1 Like 1 ·
Samuli Häyrynen avatar image Samuli Häyrynen pixelsage commented ·

Same issue. Both "Require secure authentication only for this app" and "Ignore expiration date for identity tokens" checkboxes just reset their states after clicking save(first off and second on).

@Brendan

Do you know are those checkboxes actually working?


1 Like 1 ·
brendan avatar image brendan Samuli Häyrynen commented ·

Thanks for the @ - our support team isn't monitoring for bugs in the Feature Requests area. It's a good idea to open these as new questions in the General Discussion or Bugs areas in future. I've opened a bug on this with the Game Manager team to look into this.

2 Likes 2 ·
Rez avatar image Rez pixelsage commented ·

I have the same problem

0 Likes 0 ·
Em Lazer-Walker avatar image Em Lazer-Walker commented ·

Is there any example code showing this in action? I've been running into issues implementing this.

Apple's signature callback returns Data objects, whereas the PlayFab API method expects strings. Trying to convert those Data objects into UTF-8 strings in Swift (via `String(fromData:, withEncoding)`) yields conversion errors, and converting via a different string encoding and then sending the data results in getting 500s back from the PlayFab HTTP request.

Would be curious if you have a working example I can compare to my implementation to figure out what's going on.

0 Likes 0 ·
Sergey avatar image Sergey Em Lazer-Walker commented ·

Hello!

It looks like I have a similar issue. I am unsure what to do with salt and signature once I obtain them via Apple callback. Found the following code for Unity (which provides salt and signature both as arrays of bytes) https://gist.github.com/BastianBlokland/bbc02a407b05beaf3f55ead3dd10f808

But when I try to encrypt both those arrays of bytes to string and pass them as parameters of LoginWithGameCenter request I get either Bad Request or Internal Server Error. When I convert both salt and signature to a hex string I get "authentication failed. Signature does not match the authentication request data".

I Also pass timestamp and PublicKeyUrl as request parameters.

Were you able to find a solution?

1 Like 1 ·
Samuli Häyrynen avatar image Samuli Häyrynen Sergey commented ·

Same issue. Did you manage to resolve that issue?

0 Likes 0 ·
Show more comments
stefan avatar image stefan commented ·

I have the same problem as @pixelsage. Maybe you can show us a solution?

0 Likes 0 ·
SniperED007 avatar image SniperED007 commented ·

Ticking the "Require secure... for this app" and saving it immediately auto unticks it, any idea why?

0 Likes 0 ·
hello-1 avatar image hello-1 commented ·

Is this resolved?

0 Likes 0 ·
Show more comments
hello-1 avatar image
hello-1 commented

Is this method working now?

1 comment
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

brendan avatar image brendan commented ·

Yes, please refer to the comment immediately above yours, from Andy. You can use the verification signature version of Game Center login using our API call.

1 Like 1 ·

Write a Comment

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Your Opinion Counts

Share your great idea, or help out by voting for other people's ideas.