These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Technology Lab

 
 

Looking for sample C# code to authenticate a user

Author
KenFlorian
Jednota Inc
#1 - 2017-04-07 00:25:06 UTC
Help me reboot my career as a coder.

I'm looking for sample C# code to authenticate a user.

After that, I'm sure it gets easy to get back in the saddle. Ugh

Thanks.
Padruda Ehinu
Wormhole Inquisition
Invidia Gloriae Comes
#2 - 2017-04-08 10:32:43 UTC
Hey ho,

I don't think, you will need sample code.

But try to implement this graph:

- Build the URL to SSO Site
- Open Browser with said URL
- Wait for the callback (URI schema or a local HTTP Servlet response)

There is a nice document at readtehdocs.io. Read carefully and you will get the hang pretty fast.
Cherry Sulphate
ojingo
#3 - 2017-04-09 21:39:49 UTC
hey man.

bunch of useful crap here.

register your application (even for test purposes) here.
this will generate a client id and secret key you will then use to authenticate users.

check out the esi interface here, you'll want to use this over all the old methods.

in theory, it could look something like this.
user hits login button which will re-direct to ccp and grab an authentication code for the character they want to use:


[HttpPost]
public RedirectResult Index()
{
    string redirect_url = "http://localhost/ropeyevetest/index/callbackaction";
    string clientid = "CLIENT ID FROM APPLICATION REGISTRATION";
    string scope = "esi-location.read_location.v1";
    string url = $"https://login.eveonline.com/oauth/authorize/?response_type=code&redirect_uri={redirect_url}&client_id={clientid}&scope={scope}";
    return Redirect(url);
}


redirect url is where ccp will post back to with the authorisation code & you set this up when you regiser your app.
scope are the apis you seek permission to access for the given character; in this instance just character location.
when the user hits authorize, they'll drop back into your callback url.

here you could do something like this:


public ActionResult CallbackAction()
{
    string auth_code = Request.Params["code"];

    // now we can use the authorization code to grab an access token.
    using (var client = new WebClient())
    {
        // build and apply the authorisation header.
        string clientid = "CLIENT ID FROM APPLICATION REGISTRATION";
        string secret = "SECRET KEY FROM APPLICATION REGISTRATION";
        string auth_header = $"{clientid}:{secret}";
        string auth_header_64 = $"Basic {Convert.ToBase64String(Encoding.UTF8.GetBytes(auth_header))}";
        client.Headers[HttpRequestHeader.Authorization] = auth_header_64;

        // build the post parameters.
        var post_params = new NameValueCollection();
        post_params.Add("grant_type", "authorization_code");
        post_params.Add("code", auth_code);
        
        // post info and grab the response.
        byte[] response = client.UploadValues("https://login.eveonline.com/oauth/token", "POST", post_params);
        string actual_response = Encoding.UTF8.GetString(response);
    }
    
    return View();
}


the response is just a json object, which contains an access token you can use over and over to call the permitted apis.
read the linked site for more info about the refresh token, etc.

calling an API is then as simple as this:


[HttpPost]
public ActionResult Locate(string command)
{
    string access_token = "ACCESS TOKEN FROM CCP";

    using (var client = new WebClient())
    {
        // apply the authorisation header.
        string auth_header = $"Bearer {access_token}";
        client.Headers[HttpRequestHeader.Authorization] = auth_header;

        string response = client.DownloadString("https://esi.tech.ccp.is/latest/characters/SOME-CHARACTER-ID/location/");
    }

    return View();
}


etc.
KenFlorian
Jednota Inc
#4 - 2017-04-09 21:49:42 UTC  |  Edited by: KenFlorian
Cherry,

Thank you so much!

Or, rather,

"Cherry, you're da bomb!"

This is helpful.
KenFlorian
Jednota Inc
#5 - 2017-05-12 20:37:52 UTC
Cherry,

Finally working on this and using your stuff unaltered.

I am logging in and getting back the auth_code but still getting a 403 when I hit

https://esi.tech.ccp.is/latest/characters/12345/assets/?datasource=tranquility

I know my scopes are correct because I grabbed all of them (doh).

No easy way to show you what i've got and I'm sure how to debug this.

Any recommendations?
Blacksmoke16
Resilience.
#6 - 2017-05-12 20:58:28 UTC
Are you requesting every scope in devsite AND your app? Just because you add in every scope on the dev site does not give your application every scope. Check the first set of code Cherry gave you; notice how the url has the scope section at the end. This is where you request what scopes you want to use.

https://login.eveonline.com/oauth/authorize/?response_type=code&redirect_uri={redirect_url}&client_id={clientid}&scope={scope}

In your case your URL would look something like:

https://login.eveonline.com/oauth/authorize/?response_type=code&redirect_uri={redirect_url}&client_id={clientid}&scope=esi-assets.read_assets.v1
KenFlorian
Jednota Inc
#7 - 2017-05-12 21:03:54 UTC
Right. Got that. I'd done both...made em available in devsite and stuck all of them in my string.

So, my problem is more fundamental....C# and web app, in general, is all new to me.
Blacksmoke16
Resilience.
#8 - 2017-05-12 21:09:41 UTC
Try using postman or something similar using the token generated by your app. If it works then you know it is something with your code.

If it does work then make sure that your function used to get that data properly includes the auth header 'Bearer {Token}'

If it does not work then recheck the function used to get the token.

NOTE: There is an issue with requesting ALL the scopes (including old crest/xml api ones). So maybe another thing to try would be only using the one you want. Else I'm out of ideas w/o some more info.
KenFlorian
Jednota Inc
#9 - 2017-05-12 22:08:57 UTC  |  Edited by: KenFlorian
There is a "DOH" in here somewhere....

public ActionResult CallbackAction()
{
string auth_code = Request.Params["code"];

// now we can use the authorization code to grab an access token.
using (var client = new WebClient())
{
// build and apply the authorization header.
string clientid = "blah";
string secret = "blah";
string auth_header = $"{clientid}:{secret}";
string auth_header_64 = $"Basic {Convert.ToBase64String(Encoding.UTF8.GetBytes(auth_header))}";
client.Headers[HttpRequestHeader.Authorization] = auth_header_64;

// build the post parameters.
var post_params = new NameValueCollection();
post_params.Add("grant_type", "authorization_code");
post_params.Add("code", auth_code);

byte[] response = client.UploadValues("https://login.eveonline.com/oauth/token", "POST", post_params);
string actual_response = Encoding.UTF8.GetString(response);

Assets(actual_response);
}

return View();






public void Assets(string command)
{

string access_token = command;

using (var client = new WebClient())
{
// apply the authorization header.
string auth_header = $"Bearer {access_token}";
client.Headers[HttpRequestHeader.Authorization] = auth_header;

string responseNew = client.DownloadString("https://esi.tech.ccp.is/latest/characters/9999999999/assets/?datasource=tranquility");
}

return;
KingdomX2
Flying Hippie Commune
#10 - 2017-06-30 06:19:38 UTC
Cherry Sulphate wrote:
hey man.

bunch of useful crap here.

register your application (even for test purposes) here.
this will generate a client id and secret key you will then use to authenticate users.

check out the esi interface here, you'll want to use this over all the old methods.

in theory, it could look something like this.
user hits login button which will re-direct to ccp and grab an authentication code for the character they want to use:


[HttpPost]
public RedirectResult Index()
{
    string redirect_url = "http://localhost/ropeyevetest/index/callbackaction";
    string clientid = "CLIENT ID FROM APPLICATION REGISTRATION";
    string scope = "esi-location.read_location.v1";
    string url = $"https://login.eveonline.com/oauth/authorize/?response_type=code&redirect_uri={redirect_url}&client_id={clientid}&scope={scope}";
    return Redirect(url);
}


redirect url is where ccp will post back to with the authorisation code & you set this up when you regiser your app.
scope are the apis you seek permission to access for the given character; in this instance just character location.
when the user hits authorize, they'll drop back into your callback url.

here you could do something like this:


public ActionResult CallbackAction()
{
    string auth_code = Request.Params["code"];

    // now we can use the authorization code to grab an access token.
    using (var client = new WebClient())
    {
        // build and apply the authorisation header.
        string clientid = "CLIENT ID FROM APPLICATION REGISTRATION";
        string secret = "SECRET KEY FROM APPLICATION REGISTRATION";
        string auth_header = $"{clientid}:{secret}";
        string auth_header_64 = $"Basic {Convert.ToBase64String(Encoding.UTF8.GetBytes(auth_header))}";
        client.Headers[HttpRequestHeader.Authorization] = auth_header_64;

        // build the post parameters.
        var post_params = new NameValueCollection();
        post_params.Add("grant_type", "authorization_code");
        post_params.Add("code", auth_code);
        
        // post info and grab the response.
        byte[] response = client.UploadValues("https://login.eveonline.com/oauth/token", "POST", post_params);
        string actual_response = Encoding.UTF8.GetString(response);
    }
    
    return View();
}


the response is just a json object, which contains an access token you can use over and over to call the permitted apis.
read the linked site for more info about the refresh token, etc.

calling an API is then as simple as this:


[HttpPost]
public ActionResult Locate(string command)
{
    string access_token = "ACCESS TOKEN FROM CCP";

    using (var client = new WebClient())
    {
        // apply the authorisation header.
        string auth_header = $"Bearer {access_token}";
        client.Headers[HttpRequestHeader.Authorization] = auth_header;

        string response = client.DownloadString("https://esi.tech.ccp.is/latest/characters/SOME-CHARACTER-ID/location/");
    }

    return View();
}


etc.



Thank you so much for this! Finally managed to get it working with this freaking OAuth2 thing. Tried on PHP but gave it up as the OAuth2 proccess there is just weird for me.

Haven't programming in C# for some time but got it working with your help! Big smileBig smileBig smile