These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Technology Lab

 
  • Topic is locked indefinitely.
 

OAuth sso with scopes
Author
Previous Topic Next Topic
Dread Griffin
Pator Tech School
Minmatar Republic
#1 - 2017-05-07 07:12:09 UTC
I've got a flask webapp working with sso authentication similar to this example. This example was suggested on the eve devblog here.


The example uses the flask-oauthlib module to handle authentication and token retrieval. However, this example doesn't really touch on how to get specific scopes. Does anyone have an example of how to request specific scopes with this library?
Althalus Stenory
Flying Blacksmiths
#2 - 2017-05-07 16:55:12 UTC  |  Edited by: Althalus Stenory
Even when I used pycrest, I only used flask-oauthlib to get tokens and give them to the final CREST lib.

When I started using ESI I stopped using it, as I found it was more a PITA than anything else (I was required to manually add headers in the requests manually).

I know it's not using the lib you asked, but you can take a look at the example I made for EsiPy : https://github.com/Kyria/flask-esipy-example : login using SSO then query a specific enpoint (wallet in the example).
In short, this example do (using EsiPy):
- login using SSO
- store user data (char name/id, tokens) in the database
- access wallet endpoint and display the current wallet values + user data

Hope it also helps.

EsiPy - Python 2.7 / 3.3+ Swagger Client based on pyswagger for ESI
lanyaie
Nocturnal Romance
Cynosural Field Theory.
#3 - 2017-05-07 17:33:11 UTC  |  Edited by: lanyaie
Dread Griffin wrote:
I've got a flask webapp working with sso authentication similar to this example. This example was suggested on the eve devblog here.


The example uses the flask-oauthlib module to handle authentication and token retrieval. However, this example doesn't really touch on how to get specific scopes. Does anyone have an example of how to request specific scopes with this library?


On that specific example you would need to do:

@app.route("/login")
def login():
return evesso.authorize(callback=url_for('authorized', _external=True, _scheme="http"),scope="{{ENTER YOUR SCOPES HERE}}")
   


Go to your applications page's url it looks osmething like:
https://developers.eveonline.com/applications/details/****


Copy the requested scopes to clipboard and replace them in the above example.

Then in this part of the example here add the bolded part:

def authorized():
.....
session['evesso_token'] = (resp['access_token'], '')
refreshtoken = (resp['refresh_token'], '')   <-----add this
.....
return redirect(url_for("index"))




You will then have a refresh token assigned to that variable. This can be stored indefinitely in a db/whaver, then use that to obtain a new access token and perform whatever magic you want to do. An access token is only valid for 20mins, refresh token is valid until someone cancels your app permissions.

Spaceprincess

People who put passwords on char bazaar Eveboards are the worst.