These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Technology Lab

 
  • Topic is locked indefinitely.
 

ESI Proxy supporting key/hash auth (EXPERIMENTAL!)
Author
Previous Topic Next Topic
salacious necrosis
Garoun Investment Bank
Gallente Federation
#1 - 2017-02-02 04:44:48 UTC
TL;DR This site implements a proxy for the ESI which lets one
use a key/hash auth scheme (same as supported by the XML API) in place of OAuth'd scopes. It's an experiment
on a single server at the moment (be gentle!). If there's sufficient interest, I'll continue development and put it on a cluster
with a load balancer. Complete source is here.

Why would I want to use this proxy?

The expected users are applications which can't or don't want to implement OAuth token handling logic (e.g. non-interactive applications); or users who need access from tools which make OAuth difficult (e.g. Google Sheets).

How does it work?

Using the proxy web site, you authorize one or more EVE SSO scopes which the proxy assigns to a unique key/hash pair. Instead of calling an ESI endpoint directly, you call the same endpoint on the proxy, passing your key/hash as query parameters. The proxy verifies your key/hash and then adds an appropriate authorization header before forwarding the request to the ESI. The proxy also handles refresh if an access token expires.

More practically, whereas before you would invoke:

https://esi.tech.ccp.is/latest/characters/12345/assets/

you now invoke:

https://esi-proxy.orbital.enterprises/latest/characters/12345/assets/?esiProxyKey=..yourkey..&esiProxyHash=..yourhash..

Sounds awesome! How do I try it?

Log in (using EVE SSO) to the proxy site here and follow the instructions on the main page. Note the links at the bottom of the main page which you can use to try out the Swagger UI using the proxy.

Anything else I should know?

You can't currently create a key authorized for all available scopes. This is because of an HTTP URL limit. Not sure what, if anything, CCP plans to do to work around this. As a somewhat inconvenient workaround, you can create multiple keys on the proxy with different scopes.

Also, the proxy currently limits each user to 100 defined key pairs. That seems reasonable, but let me know if you think otherwise.

Use EveKit ! - Tools for EVE Online 3rd party development
David Davaham
Deep Blue Logistics
#2 - 2017-02-02 04:53:07 UTC
ERR_CONNECTION_REFUSED

http://i.imgur.com/AQjKrnm.png

Developer of EVEmail
salacious necrosis
Garoun Investment Bank
Gallente Federation
#3 - 2017-02-02 05:29:47 UTC
David Davaham wrote:
ERR_CONNECTION_REFUSED

http://i.imgur.com/AQjKrnm.png


FIXED!

Use EveKit ! - Tools for EVE Online 3rd party development
Professor JinMine
Project Fruit House
#4 - 2017-02-02 06:57:16 UTC
Thank you!
YeuxVerts Belle
Royal Amarr Institute
Amarr Empire
#5 - 2017-02-03 08:47:40 UTC
That's an interesting idea you had there. Too bad i already went through all the trouble of implementing SSO for my scheduled data pulls.

The above message presents my opinions on the topic at hand. If there is a conflict between my views and reality, consider reality to be correct until proven otherwise.
salacious necrosis
Garoun Investment Bank
Gallente Federation
#6 - 2017-02-08 17:53:31 UTC
Folks,

It turns out I'm assuming a fair amount of liability by offering this general service, so I'm going to have to lock it down to basically just myself. I shared the link to the GitHub project in the original post. It is fairly straightforward to clone and run this project yourself. All you really need to do is provide your own SSO key and secret. There aren't many current users of the service, but out of courtesy I'm going to wait until tomorrow to lock things down. If someone has a burning desire to continue using the service in its current form, please EVE mail me and we can talk about an arrangement.

Sal

Use EveKit ! - Tools for EVE Online 3rd party development