# 4. Function Introduction

# 4.1 Order Check

# 4.1.1 Get Token

To communicate with the QIYU server, the Token is the necessary information, which will be expired in 7 days.

URL

https://open-vraioapi.iqiyi.com/qiyu-store/util/token (opens new window)

Request

Using the Get method.

  • Headers
Parameter Required? Note
ua YES User agent, the default value: QYVR-DEVELOPER-SERVER
deviceId YES Because we have not provided the deviceid The server network MAC address, e.g. the format E0-2B-E9-3E-BD-18,change to E02BE93EBD18
lang YES Language, English: en_US. Chinese: zh_CN
  • Request Parameters
Parameter Required? Type Note
appId YES long application ID, you can refer to #3.1 Platform Initialization (opens new window)
appSecret YES string app secret code, you can refer to #3.1 Platform Initialization (opens new window)

Return

  • Return Parameters
Parameter Type Note
expIn long expire date (unit in millisecond)
token string Token
  • Return code
Return Code Reason
S0000 Success
S9000 System Error
B3021 APP ID or APP Secret is wrong

Example

  • Request
curl -X GET -G https://open-vraioapi.iqiyi.com/qiyu-store/util/token -H 'ua: QYVR-DEVELOPER-SERVER' -H 'deviceId: QYA50000000000000000' -H 'lang: en_US' -d 'appId=20184742' -d 'appSecret=4d7391edb67135832d4949480792fece'
  • Return
{
 "code": "S0000",
 "data": {
   "expIn": 1648539050764,
   "token": "Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDE4NDc0MiIsImV4cCI6MTY0ODUzOTA1MCwiZGV2aWNlSWQiOiJRWUE1MDAwMDAwMDAwMDAwMDAwMCIsImlhdCI6MTY0NzkzNDI1MCwianRpIjoiOWNmN2UxYzFjYWVkNDQ1Zjk2NDZlMjgyNGRlNThlY2QifQ.cozw72688P52aChqxc4AiCx_7CB8wmfEqtSz7Z9H2wN2dZBRcTCj3MUUuZFFTVKm7EiIOcq7R57QsKL80MFZrA"
 }
 }

# 4.1.2 Check DLC Payment Result (Server)

URL

https://open-vraioapi.iqiyi.com/qiyu-store/aoc/pay-orders (opens new window)

Request

Using Get method

  • Headers
Parameter Required? Note
token YES Get by "Get Token" API
ua YES User agent, the default value: QYVR-DEVELOPER-SERVER
deviceId YES Because we have not provide the deviceid The server network MAC address, e.g. the format E0-2B-E9-3E-BD-18,change to E02BE93EBD18
lang YES Language, English: en_US. Chinese: zh_CN
  • Request Parameters
Parameter Required? Note
orderId NO Order ID
sku NO The SKU of DLC,if this parameter is not passed, all SKUs will be queried.
uid YES User ID

Return

  • Return Parameters
Parameter Type Required? Note
code string No
data object No The data need to decrypt by using RSA public key
orderId number No QIYU order ID
orderStatus string No Order status: success
payAmount bigdecimal No Payment amount, the unit is Yuan
payDate string No Payment time: yyyy-MM-dd HH: mm: ss
sku string No SKU
uid Long No User ID
  • Return Code
Return Code Reason
S0000 Success
S9000 System Error
B3021 APP ID or APP Secret is wrong
B1001 The result is null

Sample

  • Request
curl -X GET -G http://test.vraioapi.qiyi.domain/qiyu-store/iap/orders -H 'ua: iQIYI-A5' -H 'deviceId: QYA5014016L21A100036' -H 'lang: en_US' -H 'token: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI3MDc0MTc2OSIsImV4cCI6MTY1MDQ1NzIzOSwiZGV2aWNlSWQiOiJRWUE1MDE0MDE2TDIxQTEwMDAzNiIsImlhdCI6MTY0OTg1MjQzOSwianRpIjoiODI2ZDI2Mzg0YmE1NGUyNzhjMzQ3ZWIxYzJmM2EzZmMifQ.1F6gAZsnNpi716GQO2IKsTCWdi5lh2xVprNou_WUuN2pfUsBDIIcByqjb1PjLtPhf4Vt2vdF1ujK0evHt2wjag' -d 'orderId=565544143893418507'
  • Return
{
     "code":"S0000",
     "data": "ONAdYCHjJRbFznaT2n+KXztGKoz1jxFAMFEjy/OumMwyQkqj4tpO3EFos7gWCtWn9AH7yyTjjMCmqS1y+IM6Y1A10G9CS8f1Wb76BZ5hek/Q2B0N50tvEOXRrFJOC88ZJorTjK7krNGnvJakvrCckU4HpMA9a0Pa+DBEhZLd2tM="
 }

# 4.2 Payment Result Notification

For IAP and DLC products, QIYU platform will return the related result and uid to application server as data flow after the user complete to make a payment. Developers need to deal with those data and return the appropriate response.

  • Query Type

QIYU developer Portal will send payment result as POST to the address which recorded on the developer Portal (notify_url).

  • Notification link

This link is to receive the notification message from Developer Portal,the URL must be accessed directly without any parameters. HTTPS is recommended, for example, https://vraioapi.iqiyi.com/notify/qiyu/pay (opens new window).

  • Notification parameters
Field Name Name Required Type Sample Description
Notification Date notifyDate Yes Date 2022-01-20 13:43:34 Notification date
Order ID orderId Yes Long 530744402810843551 Order ID
Order Status orderStatus Yes String success Order Status
Payment amount paidAmount Yes float 2.50 Unity is Yuan
Payment date payDate Yes Date 2022-01-20 13:43:31 Payment Date
User ID uid Yes Long 12345654321 User ID
SKU sku Yes String sku12345 SKU code
Signature sign Yes String 9c2afa957b6f120abdcb64b9bb893bc5 Please follow the Signature rule
  • The signature regulation

When calling the interface, the parameters need to be signed to verify the integrity of the data. The method is as follows:

Parameters name (except signature and the method of signature): please sorting the parameters by letters (A-Z) , and using "|" to combine them together: key 1=value 1|key 2=value 2|key =value n

For example, there are three parameters: foo=1,bar=2,nav=3, it should be sorted like: bar=2|foo=1|nav=3

Please set the xxx (xxx is the API key of the application) at the end of string, and then use MD5 to encode the string and transfer the string to lowercase: String sign = MD5Encode("bar=2|foo=1|nav=3|xxx", "utf-8").toLowerCase().

  • Return

If successfully receive the message, please return "success", otherwise, return "fail".

  • Worth to know
  1. Same message might send to developer many times, developers should deal with those duplicate messages.
  2. If QIYU platform receives the response that does not meet the specification or times out, the platform will will determine that the notification fails and resend the notification until success. (QIYU platform will send multiple notifications in 5 times total (will be stopped when the notification is success to send out) with the rate 5s / 30s / 2min / 4min / 6min).
  3. When the order status is unknown or the game does not received the result notification from QIYU platform, we suggest developer call the QueryOrderResult API to check the result of the order.
  4. Developer should sign the result of payment, and authenticate the signature to avoid the man-in middle attack or fake notifications, which might cause the economic loss.
  5. When receiving a notification for processing, firstly, it should check the status of the notification whether it has been processed or not. If it has been processed, it will directly return the result of success. Before checking and processing the status, data lock should be used for concurrency control to avoid data confusion when function reentry.

# 4.3 Server to Server Authentication

This guideline is for the developers who wants to authenticate QIYU account by QIYU server.

# 4.3.1 Get token

To communicate with QIYU server, the Token is the necessary information, which will be expired by 7 days.

① URL

https://open-vraioapi.iqiyi.com/qiyu-store/util/token (opens new window)

Request

Using Get method.

  • Header
Parameter Required? Note
ua YES User agent, the default value: QYVR-DEVELOPER-SERVER
deviceId YES Because we have not provide the deviceid The server network MAC address, e.g. the format E0-2B-E9-3E-BD-18,change to E02BE93EBD18
lang YES Language, English: en_US. Chinese: zh_CN
  • Request Parameters
Parameter Required? Type Note
appId YES long application ID, you can refer to #3.1 platform initialization (opens new window)
appSecret YES string app secret code, you can refer to #3.1 platform initialization (opens new window)

Return

  • Return Parameters
Parameter Type Note
expIn long expire date (unit in millisecond)
token string Token
  • Return code
Return Code Reason
S0000 Success
S9000 System Error
B3021 App ID or App Secret is wrong

Example

  • Request
curl -X GET -G https://open-vraioapi.iqiyi.com/qiyu-store/util/token -H 'ua: QYVR-DEVELOPER-SERVER' -H 'deviceId: QYA50000000000000000' -H 'lang: en_US' -d 'appId=20184742' -d 'appSecret=4d7391edb67135832d4949480792fece'
  • Return
{
 "code": "S0000",
 "data": {
   "expIn": 1648539050764,
   "token": "Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDE4NDc0MiIsImV4cCI6MTY0ODUzOTA1MCwiZGV2aWNlSWQiOiJRWUE1MDAwMDAwMDAwMDAwMDAwMCIsImlhdCI6MTY0NzkzNDI1MCwianRpIjoiOWNmN2UxYzFjYWVkNDQ1Zjk2NDZlMjgyNGRlNThlY2QifQ.cozw72688P52aChqxc4AiCx_7CB8wmfEqtSz7Z9H2wN2dZBRcTCj3MUUuZFFTVKm7EiIOcq7R57QsKL80MFZrA"
 }
 }

# 4.3.2 Authentication QIYU account

URL

https://open-vraioapi.iqiyi.com/qiyu-vip/user/check (opens new window)

Request

Using Get method.

  • Header
Parameter Required? Note
ua YES User agent, the default value of developer server: QYVR-DEVELOPER-SERVER
deviceId YES The device SN,
lang YES Language, English: en_US. Chinese: zh_CN
token YES The token gained from 4.3.1 (opens new window)
  • Request Parameters
Parameter Required? Type Note
uid Yes long User ID

Return

Return Code Reason
S0000 Success
S9000 System Error
S9006 The token invalid
B1003 The uid invalid

Example

  • Request
curl -X GET -G https://open-vraioapi.iqiyi.com/qiyu-vip/user/check -H 'ua: QYVR-DEVELOPER-SERVER' -H 'deviceId: QYA50000000000000000' -H 'lang: en_US' -H 'token: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDE4NDc0MiIsImV4cCI6MTY0ODUzOTA1MCwiZGV2aWNlSWQiOiJRWUE1MDAwMDAwMDAwMDAwMDAwMCIsImlhdCI6MTY0NzkzNDI1MCwianRpIjoiOWNmN2UxYzFjYWVkNDQ1Zjk2NDZlMjgyNGRlNThlY2QifQ.cozw72688P52aChqxc4AiCx_7CB8wmfEqtSz7Z9H2wN2dZBRcTCj3MUUuZFFTVKm7EiIOcq7R57QsKL80MFZrA' -d 'uid=20184742'
  • Response
{
 "code": "S0000"
 }

# 4.4 Sensitive Words Detection

Verifies if the user's text chat content, nickname, or room name contains sensitive words according to the QIYU Sensitive Words libraries.

URL,

https://open-vraioapi.iqiyi.com//qiyu-community/illegal-word/filter (opens new window)

Request

  • Using the Get method. (support using x-www-form-urlencoded POST method to request)

  • Header

Parameter Required? Note
ua YES User agent, the default value of developer server: QYVR-DEVELOPER-SERVER
deviceId YES The device SN
lang YES Language, English: en_US. Chinese: zh_CN
token YES The token gained from 4.3.1 (opens new window)
  • Request Parameters
Parameter Required? Type Note
taskId YES Number Request ID (the value of ID should more than 0).
content YES String The contents need to be filtered (The length should not be over 50)
useType YES Number "2": Text Chat.
"3": Name (includes Nickname and Room name).

Return

  • Callback
Name Type Required? Note
code string YES Please refer to the Return Code
message string YES
data object NO
result boolean NO True or False
taskId number NO The request ID
  • Return Code
Return Code Reason
S0000 Success
S9000 System error
S9001 Parameter error
S9005 The token is not exist

Sample

  • Required
curl -X GET -G 'https://open-vraioapi.iqiyi.com/qiyu-community/illegal-word/filter?taskId=1001&content=你好&useType=2' -H 'ua: iQIYI-A5' -H 'deviceId: QYA5014016L21A100036' -H 'lang: en_US' -H 'token: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI3MDc0MTc2OSIsImV4cCI6MTY1MDQ1NzIzOSwiZGV2aWNlSWQiOiJRWUE1MDE0MDE2TDIxQTEwMDAzNiIsImlhdCI6MTY0OTg1MjQzOSwianRpIjoiODI2ZDI2Mzg0YmE1NGUyNzhjMzQ3ZWIxYzJmM2EzZmMifQ.1F6gAZsnNpi716GQO2IKsTCWdi5lh2xVprNou_WUuN2pfUsBDIIcByqjb1PjLtPhf4Vt2vdF1ujK0evHt2wjag'
  • Return
{
    "code": "S0000",
    "message": "Success",
    "data": {
        "result": true,
        "taskId": 1002
    }
}

Samples

  • National Customer Hotline
  • 400-662-7152
  • Follow QIYU
Copyright © 2022 Dreamagic All Rights Reserved. 京ICP备11032965号