Trying to implement timed license validation in app

[fmg-pete]

I am following this guide, but I seem to be missing something really fundamental in getting it working. There's no mention of machine activation or fingerprinting in the request flow, but it appears essential for it to work? I understand the fundamentals of fingerprinting, I just can't seem to figure out where and how it's implemented in the request flow. Do I need a third-party library fingerprint generating library? Does this need to be applied to a newly created machine and then added to the license via another API call? When I use the C# code for the Validate by license Key example, I get Valid = False for the license, and "fingerprint is not activated (has no associated machine) ValidationCode=NO_MACHINE". Are there policy settings that negate the need for fingerprinting?

All the business wants is to be able to send a licensed user a key, have them copy / paste it in to the app somewhere, and the software to be unlocked once the key is validated ( offline or online ), and then leave them alone for a year. Is there a simple way to do this? Thanks in advance...

[ezekg]

A timed license doesn't require machine activation, so it's not mentioned on that page. You can combine a timed license with a node-locked or floating license, which do require machine activation. But that doesn't sound like what you're looking for, so feel free to forego the activation step since it's not required for basic timed licenses, given you don't care about the number of machines each license can be used on. You can simply validate the license key and be done with it.

You're receiving a NO_MACHINE validation code because you're sending a scope.fingerprint param in a license validation request, but the license has no machines activated yet. It sounds like you don't want to use activation, so you can forego that param and the validation should work, given the policy is not strict.

As far as fingerprinting —

There are packages that can query the machine GUID across various platforms:

• For C# apps, you can access the machine GUID using the DeviceId package via AddMachineGuid().
• For Python, we maintain a package called py-machineid.
• For Node, there's the node-machine-id package.
• For Go, there's the machineid package.

(More on activation and fingerprinting is covered here.)

Hope that helps? Let me know.

[fmg-pete]

Thanks again @ezekg for the detailed reply. I was resisting generating the entire API response class definition just to get the valid flag and the expiry date, but I tried it today... with the same result. It appears none of the Attributes ( expiry, status, lastValidated, etc. ) get populated. There are no errors, but I suspect c# is screwing up the mapping from the response to the class. I've seen this before where json2csharp's guess at the object type isn't quite right. Also breaks all the class mappings in this example. Unfortunately, Visual Studio's debugging for async requests is not much help either.

Do you know of any complete c# examples that return those attribute values via an async request? My starting point was just adding "expiry", but that's really led me down a bit of a rabbit hole!

Edit:

I can't even get this to work now, locally or otherwise.

https://dotnetfiddle.net/ZNLYqX ( account ID and keys obfuscated )

It's from this example ( Validate License by key ) :

https://keygen.sh/docs/api/licenses/

Have I exceeded the API request quota, or triggered some sort of lock-out? I just can't seem to get anything sensible from the API today, I'm sure it worked last week :(.

[ezekg]

I updated this C# example to use records for deserialization. Hope that helps!

[fmg-pete]

Thanks for that @ezekg. I actually got a version working this morning using NewtonsoftJson deserialization and a dynamic object type. This lets you get at arbitrary nested keys in a JSON response object without having to build a model. I can now get meta.valid, data.attribute.expiry and data.attribute.key values ( or any value ) and use them for validation. Works fine in debug but the RestSharp RestRequest is not playing nicely in the release. I suspect it's blocking and not actually asynchronous, or throwing some exception I'm not catching... but that's down to my implementation - nothing to do with the API!

Once I (finally) have a proper async / await validate() function working I'll share it here.

[ezekg]

Good to hear, and good luck. Just FYI, I also updated the example above to use async/await.

[fmg-pete]

Finally, working. There were A LOT of gotchas, final hurdle was that it worked in Debug mode but not in Release. Turns out there are issues with the latest version of RestSharp. I eventually got it working on v105.15.0, API calls just never completed successfully on 107.x.x or 108.x.x unless I ran them in Visual Studio 2022 in Debug mode.

Here's my function in c#:

    ```
   using RestSharp;
   using Newtonsoft.Json;


   async public static Task<IRestResponse> validate(string accountID, string licenseKey)
    {           

        var client = new RestClient("https://api.keygen.sh/v1/accounts/" + accountID);
        var request = new RestRequest("licenses/actions/validate-key").AddJsonBody(
        new
        {
            meta = new
            {
                key = licenseKey
            }
        });
      
        var p = await client.ExecutePostAsync(request, default);
        string JsonResponse = p.Content.ToString();
        dynamic Validation = JsonConvert.DeserializeObject(JsonResponse);
        if (Validation.meta.valid == false)
        {              
           // Prompt user that licence is not valid
        } else {
           // do whatever with any of the values from the license validate by key API call
           // https://keygen.sh/docs/api/licenses/#licenses-actions-validate-key 
        }

        return p;
    }