Single Image Asynchronous Moderation

Parameter Specification

• Request URL:

https://isafe.ilivedata.com/api/v1/image/check/async

• Interface description:

Image asynchronous detection interface. After the task is submitted, the image will be detected, and the results will be returned through callbacks. The callback configuration can be configured in the console service configuration or passed in through parameters.

• Image requirements:

  • Supported types: URL, BASE64
  • Supported formats: jpg, png, bmp, gif, webp, tiff, heic;
  • Supported image size: <10M;
  • Description of gif/long image: Automatically cut gif/long image into frame and check, up to 5 images. Gif/long images are billed according to the actual number of screenshots; Definition of long image: images whose ratio of length and width is greater than 5.

• HTTP request Header:

• Request method：POST

• Request body JSON object:

  • Public Parameters

    Parameter	Required	Type	Description
    type	Required	Number	1: Image URL 2: Image BASE64 value
    image	Required	String	Image content, if type=1, then the value is the image URL, if type=2, then the value is the image BASE64 value.
    strategyId	Optional	String	Strategy ID, if empty, use DEFAULT Strategy
    referImage	Optional	String	Used for face comparison. The referImage type needs to be the same as image type. If image is a url, referImage must also be a url. Supported formats: jpg, png；Supported image size: <10M;
    userId	Optional	String	Unique end user ID. The user ID should be no more than 32 characters.
    userIP	Optional	String	User IP address
    did	Optional	String	User device ID
    dtype	Optional	String	User device type：1：iPhone 2：android 3: ipad 4：wphone 5: pc 6：web 7：wap
    id	Optional	String	Extended field, can be used as identifier and transparently transmitted.
    extra	Optional	json	Extended fields, can pass multiple keys and values transparently. For example, pass two parameters: game server and game version: “extra” : {“server”: “123”,“version”:“456”}

  • New Parameters

    Parameter	Required	Type	Description
    callbackRegion	Optional	String	Callback region: default cn, optional cn, us, ap. If not given or not within the value range, cn will be used by default to initiate the callback.
    callbackUrl	Optional	String	Callback url: http protocol
    callbackSecretKey	Optional	String	The callback key can be customized. The key needs to be consistent in the callback signature verification method. Otherwise, it cannot be verified whether the callback data has been tampered with.

• Example of request body:

        {
        "type": 1,
        "userId": "123",
        "image": "http://abc.com/a.jpg",
        } 
  

• Request signature:

When the user requests the Image Check API, the request can be signed with the appId and secretKey (obtained from the Console - Service Configuration). When the API receives the request with the signature information, it will verify the signature using the same algorithm, and if the signature is found to be inconsistent, the API will return 401 error to the user.

If the API validation signature is consistent and the user corresponding to the appId has permission to operate the requested resource, the request succeeds, otherwise the API returns 401 error.

• Request Header to send a signature via HTTP

Method: Add a header named Authorization in the request, whose value is the signature value. For example:

 Authorization: ****

• Signature calculation method

1. Canonicalized Query String:

Convert the request body JSON string to a hexadecimal string (not Base64) by doing sha256 encoding with UTF-8 character encoding.

CanonicalizedQueryString = hex(sha256(jsonBody))

2. Constructs the signed string StringToSign ("\n" stands for ASCII newline character):

   StringToSign = HTTPMethod + “\n” + HostHeaderInLowercase + “\n” + HTTPRequestURI + “\n” + CanonicalizedQueryString < Get from previous step> + “\n” + “X-AppId:” + SAME_APPID_IN_HEADER + “\n” + “X-TimeStamp:” + SAME_TIMESTAMP_IN_HEADER

The HTTPRequestURI is the absolute path to the request URI, without the request string. If the HTTPRequestURI is empty, also keep a forward slash (/).

The hash-based message authentication code (HMAC) is created using the HMAC-SHA256 protocol and the signature is calculated.

For more information about HMAC, see: https://tools.ietf.org/html/rfc2104。

3. StringToSign as the signature string, secretKey as the secret key and SHA256 as the hash algorithm.

4. Converting the results of the previous step to a BASE64 string.

5. Put the BASE64 string into the Authorization of HTTP request Header.

• Example of signature

Below is an example of appId & secretKey & image.

appId=***
secrectKey=****
image_base64="T2dnUwACAAAAAAAAAAAd8pVTAAAAAGsIvpMBE..."

Below is an example of request type.

{
 "type": 2,
 "userId": "12345678",
 "image": "T2dnUwACAAAAAAAAAAAd8pVTAAAAAGsIvpMBE..."
}

Generate CanonicalizedQueryString

b3ad8e9d16439ccd5e91924d2516bf9592975003f69beff44e56cddf47bd3118

Generate StringToSign

POST
isafe.ilivedata.com
/api/v1/image/check
b3ad8e9d16439ccd5e91924d2516bf9592975003f69beff44e56cddf47bd3118
X-AppId:***
X-TimeStamp:2020-07-31T07:59:03Z

Signatures from HMAC calculations

****

HTTP response

Content-Type: application/json;charset=UTF-8

The result is in JSON format, please refer to the following example.

• Description of returning json field:

• Response example:

    {
    "errorCode":0,
    "taskId":"Telnet-test_99b2bf004d4a4591bfedbba9574e74d4_1702882338368"
    }
  

Error code