These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Technology Lab

 
  • Topic is locked indefinitely.
12Next page
 

Symfony HWI OAuthBundle for Eve SSO

First post First post
Author
Talos Katuma
Helion Production Labs
Independent Operators Consortium
#1 - 2014-10-07 21:45:01 UTC
I forked the HWI OAuth Bundle and started adding a new type for Eve SSO (currently configured for sisi).
After some more testing I'll send a pull request towards HWI so that it hopefully gets integrated in the normal bundle.

For now if you want to play with it:

https://github.com/tarioch/HWIOAuthBundle
Pete Butcher
The Scope
Gallente Federation
#2 - 2014-10-07 21:50:06 UTC
Lol, I was planning to do the exact same thing tomorrow.

http://evernus.com - the ultimate multiplatform EVE trade tool + nullsec Alliance Market tool

Mister Stark
Kindle Inc.
#3 - 2014-10-07 23:35:36 UTC
I setup a working version with a general resource owner. https://gist.github.com/smithmilner/871941b0a7918d752f4b
CCP FoxFour
C C P
C C P Alliance
#4 - 2014-10-08 09:46:33 UTC
Thats awesome work guys. Keep it up!

@CCP_FoxFour // Technical Designer // Team Tech Co

Third-party developer? Check out the official developers site for dev blogs, resources, and more.

Talos Katuma
Helion Production Labs
Independent Operators Consortium
#5 - 2014-10-08 19:49:27 UTC
Pull request submitted, hopefully it get's merged soon (and hopefully productive sso goes live soon)

https://github.com/hwi/HWIOAuthBundle/pull/666
Tahnil
Gunboat Commando
#6 - 2015-01-05 20:56:00 UTC  |  Edited by: Tahnil
Hi. I‘m trying to get this running. Unfortunately I‘m missing some information. Installation went fine, I can start the auth process, but I‘m getting an error from EVE SSO:

invalid_request
The callback URI doesn't match the value stored for this client

And in fact the callback URI is wrong:
https://login.eveonline.com/oauth/authorize?response_type=code&client_id=asdfasdfasdfasdfasdf&redirect_uri=http%3A%2F%2Faura.harad.de%2Fapp_dev.php%2Flogin%2Fcheck-eveonline

But I really don‘t know where I should configure the callback URI in symfony / HWIOauth. Any ideas?

(PS: I scrambled the client id ;-))
Talos Katuma
Helion Production Labs
Independent Operators Consortium
#7 - 2015-01-06 06:19:22 UTC
What did you use as callback url when registering on ccp sso site?
Tahnil
Gunboat Commando
#8 - 2015-01-06 12:49:59 UTC  |  Edited by: Tahnil
It‘s http://aura.harad.de, so the domain is right. But I guess it‘s wrong nevertheless. My main problem is that I don‘t fully understand the HWI OAuth bundle yet :-D
CCP FoxFour
C C P
C C P Alliance
#9 - 2015-01-06 13:02:15 UTC  |  Edited by: CCP FoxFour
Tahnil wrote:
It‘s http://aura.harad.de, so the domain is right. But I guess it‘s wrong nevertheless. My main problem is that I don‘t fully understand the HWI OAuth bundle yet :-D


The redirect URI being sent to the SSO is: http%3A%2F%2Faura.harad.de%2Fapp_dev.php%2Flogin%2Fcheck-eveonline

Which translates to: http://aura.harad.de/app_dev.php/login/check-eveonline

You have it set to: http://aura.harad.de

The callback set on developers.eveonline.com has to match exactly with where the user is going to be redirected to. :)

@CCP_FoxFour // Technical Designer // Team Tech Co

Third-party developer? Check out the official developers site for dev blogs, resources, and more.

Talos Katuma
Helion Production Labs
Independent Operators Consortium
#10 - 2015-01-07 06:13:21 UTC
For production it should be

http://aura.harad.de/login/check-eveonline

Also if possible try to shift to https
Tahnil
Gunboat Commando
#11 - 2015-01-07 23:14:43 UTC
Wow. That was simple :-D Thanks a lot.

But I'm still struggling with HWI OAuth and FOS User Bundle, as I'm trying to persist EVE SSO data in my user database table. I think there should be some mapping of SSO data to my user entity, but I didn't find out yet how to do this.

For a hobby dev like me without much auth know how this is pretty tricky.
Talos Katuma
Helion Production Labs
Independent Operators Consortium
#12 - 2015-01-08 19:06:18 UTC
Yeah it's unfortunately not trivial.

The trick is in the user provider. If you use FOS User Bundle, they have a FOSUserBundle if not, the also have an EntityUserProvider

Quickly using google, this looks like it explains it all
http://inchoo.net/dev-talk/symfony-hwioauthbundle-and-google-sign-in/
Tahnil
Gunboat Commando
#13 - 2015-01-11 17:55:16 UTC
Wow. Thanks for the link. That seems to be so much easier than implementing FOS UserBundle.

However, now I managed to persist some EVE SSO data in the database:
– Character name
– Character ID

But I need the SSO access_token, and I don‘t know how to grab it. How do I access specific response data?
Talos Katuma
Helion Production Labs
Independent Operators Consortium
#14 - 2015-01-11 18:11:37 UTC
I'm honestly not sure if that works right now or actually needs some adjustment on the hwi oauth/eve online resource provider side. When I (and others) wrote the resource provider, there was not yet anything beside the authentication part.
Tahnil
Gunboat Commando
#15 - 2015-01-11 19:11:21 UTC  |  Edited by: Tahnil
OK, got it.

I think in this case it would be good to extend the EVE Online resource provider for HWI OAuth in the near future.
Steve Ronuken
Fuzzwork Enterprises
Vote Steve Ronuken for CSM
#16 - 2015-01-11 19:19:54 UTC
if you want to get https, without paying for a certificate, take a look at https://www.cloudflare.com/ which has a free option to get it Smile

Woo! CSM XI!

Fuzzwork Enterprises

Twitter: @fuzzysteve on Twitter

Talos Katuma
Helion Production Labs
Independent Operators Consortium
#17 - 2015-01-11 19:49:01 UTC
Another one is https://www.startssl.com/
Shaylas
Capital Warfare
#18 - 2015-01-11 21:02:21 UTC
Steve Ronuken wrote:
if you want to get https, without paying for a certificate, take a look at https://www.cloudflare.com/ which has a free option to get it Smile

The options that CF offers is more a Fake-SSL. Only a part of the connection is secured.
Steve Ronuken
Fuzzwork Enterprises
Vote Steve Ronuken for CSM
#19 - 2015-01-11 22:01:04 UTC
Shaylas wrote:
Steve Ronuken wrote:
if you want to get https, without paying for a certificate, take a look at https://www.cloudflare.com/ which has a free option to get it Smile

The options that CF offers is more a Fake-SSL. Only a part of the connection is secured.



Depends which option you use. You can use the full ssl option, which encrypts the connection between you and cloudflare. (it does mean cloudflare can see everything in passing.)

Even with the flexible ssl option, it's covering the most dangerous stage (from the client to the net)

Woo! CSM XI!

Fuzzwork Enterprises

Twitter: @fuzzysteve on Twitter

Tahnil
Gunboat Commando
#20 - 2015-01-11 23:09:55 UTC
Regarding the HWI OAuth Bundle and the EVE Online resource provider: when I authenticate with my Tahnil character (which works fine), I can see in the Symfony profiler unter Request > Session Attributes that the EVE SSO data are in a session attribute called _security_main.

There is the access token, token type, expires in, and the refresh token. So everything is there. Only question remains: how to access this data. Any ideas anybody? My googling has been unsuccessful so far. I only found out how to get the other Session attributes such as id (of user in my user table), nickname (Tahnil), and realname (Tahnil, too).
12Next page