Pages: [1] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Jen Moriarty
Snuff Box Snuffed Out
45
|
Posted - 2014.11.19 15:43:37 -
[1] - Quote
Hi there,
I wanted to ask if the EVE SSO framework is available for all sites. I've registered my site using https://developers.eveonline.com/applications, then proceeded to scavenge some rudimentary code from https://github.com/fuzzysteve/eve-sso-auth/blob/master/devauthcallback.php (I switched to using https://login.eveonline.com/ instead of SISI) but I still have issues. I tried following the instructions in https://developers.eveonline.com/resource/single-sign-on: The first stage of authentication works, redirecting me back to my site with a code parameter. However, when trying to proceed to the next stage ("Verify the authorization code") the process fails. Not sure what I'm doing wrong. Started thinking maybe this is only available to a preselected group of sites.
Jen |
Steve Ronuken
Fuzzwork Enterprises Vote Steve Ronuken for CSM
4210
|
Posted - 2014.11.19 16:21:36 -
[2] - Quote
If you've updated the details correctly in my code, it should work fine.
You'll need to update:
The client id. The secret. The callback url.
And all the verify urls.
Woo! CSM 9!
Fuzzwork Enterprises
Twitter: @fuzzysteve on Twitter
|
Jen Moriarty
Snuff Box Snuffed Out
45
|
Posted - 2014.11.19 17:56:13 -
[3] - Quote
Hey Steve! I'm liking your code - it's pretty self explanatory.
This is the code I'm using:
authenticate_2("https://login.eveonline.com/oauth/token", $auth_code, $client_id, $secret_key);
function authenticate_2($url, $code, $clientid, $secret) { $useragent="TEST"; //Do the initial check. $header='Authorization: Basic '.base64_encode($clientid.':'.$secret); $fields_string=''; $fields=array( 'grant_type' => 'authorization_code', 'code' => $code ); foreach ($fields as $key => $value) { $fields_string .= $key.'='.$value.'&'; } rtrim($fields_string, '&'); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_USERAGENT, $useragent); curl_setopt($ch, CURLOPT_HTTPHEADER, array($header)); curl_setopt($ch, CURLOPT_POST, count($fields)); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); $result = curl_exec($ch);
var_dump($result); }
The result is FALSE. The code seems fine to me, so perhaps there's something I'm not getting. |
Steve Ronuken
Fuzzwork Enterprises Vote Steve Ronuken for CSM
4210
|
Posted - 2014.11.19 19:08:24 -
[4] - Quote
That's weird. The FALSE suggests there's a communication issue.
What's the curl_error($ch)?
(try commenting out the two ssl verifies. It might be a certificate trust issue)
Woo! CSM 9!
Fuzzwork Enterprises
Twitter: @fuzzysteve on Twitter
|
Jen Moriarty
Snuff Box Snuffed Out
45
|
Posted - 2014.11.19 19:28:47 -
[5] - Quote
Indeed. "SSL certificate problem: unable to get local issuer certificate".
Even when commenting out the two SSL lines |
Risingson
89
|
Posted - 2014.11.19 20:59:17 -
[6] - Quote
nvm
Eveeye Maps Alpha | Eveeye-áPrototype YD-114 Onboard Computer Systems
|
Steve Ronuken
Fuzzwork Enterprises Vote Steve Ronuken for CSM
4211
|
Posted - 2014.11.20 02:00:18 -
[7] - Quote
That suggests one of two things:
A: you have an old copy of the curl library, so it can't verify the certificate, as the issuer certificate isn't trusted B: There's something man in the middling your server (like a proxy)
B isn't good, but might be happening for load reasons on your host. A also isn't good, but only because it's old.
Unfortunately, the directive to provide a new ca file is a webserver level directive, so you can't set it with a htaccess file.
If you have complete control of the server, you could use http://php.net/manual/en/curl.configuration.php to provide an updated one, or update curl.
Alternatively, if you can lay your hands on an appropriate cacerts file, you can use something like: curl_setopt($ch, CURLOPT_CAINFO, '/path/to/cacert.pem')
to set one. http://www.fuzzwork.co.uk/resources/ca-bundle.crt.gz is a gzipped (use 7zip to extract) copy of the one my server is using.
Your site being http or https isn't, in this case, important. (https is preferable, but user data isn't being exposed. If you were doing full CREST, it would be a lot more important, as something in the middle could intercept and use your tokens.)
Woo! CSM 9!
Fuzzwork Enterprises
Twitter: @fuzzysteve on Twitter
|
Steve Ronuken
Fuzzwork Enterprises Vote Steve Ronuken for CSM
4211
|
Posted - 2014.11.20 02:03:28 -
[8] - Quote
Oh, and if you want https, while it's less than perfect, you can use cloudflare.com's free package to provide https to your users.
It's still travelling cleartext between your server and cloudflare, but that's better than the whole route being unprotected. (and if you have SSL, but it's only self signed, you can tell cloudflare to use that, so it's protected the whole way)
Woo! CSM 9!
Fuzzwork Enterprises
Twitter: @fuzzysteve on Twitter
|
Jen Moriarty
Snuff Box Snuffed Out
45
|
Posted - 2014.11.20 02:47:20 -
[9] - Quote
I ended up checking a different hosting service in which it works. \o/
Incidentally - any recommendations for a free hosting service that allows for php, cronjob and ssl? |
Xinryu
NEXUS Financial
3
|
Posted - 2014.11.20 05:30:49 -
[10] - Quote
Jen Moriarty wrote:I ended up checking a different hosting service in which it works. \o/
Incidentally - any recommendations for a free hosting service that allows for php, cronjob and ssl? Depending on how familiar/comfortable you are with Linux, I'd recommend going with DigitalOcean. You basically start out with an image of an OS of your choosing, and build it up from that point. There's a variety of guides available that detail pretty much everything from setting up a LAMP stack to setting up SSL. On the note of SSL, you can get a free 1 year certificate from StartSSL.
[NEXFI] NEXUS Financial --{ BETA II }--
https://nexusdev.net/nexfi/
|
|
|
|
|
Pages: [1] :: one page |
First page | Previous page | Next page | Last page |