Pages: [1] 2 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.16 23:25:56 -
[1] - Quote
It would be nice if there was an sdk window for programming a window in eve. We could make use of some cool marketing ideas for players, say giving location and finding closes x-type something.
foxjazz |
Salgare
Satan's Gut
2
|
Posted - 2016.07.17 01:01:58 -
[2] - Quote
Please elaborate, I don't understand what you are suggesting |
Carbon Alabel
The Alabaster Albatross Sev3rance
14
|
Posted - 2016.07.17 01:30:35 -
[3] - Quote
Not going to happen.
With the IGB getting killed off and CREST superseding it, this is the exact kind of thing EVE's third party development is going away from. |
Salgare
Satan's Gut
2
|
Posted - 2016.07.17 05:15:24 -
[4] - Quote
Is that not what this does?
https://eveonline-third-party-documentation.readthedocs.io/en/latest/crest/character/char_location.html
wow and a 5 second cache ... right on your tail through those jumps |
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.18 05:57:00 -
[5] - Quote
I read those docs, but I didn't understand them. Where do you get the character ID? is an api key needed for that?
|
Salgare
Satan's Gut
2
|
Posted - 2016.07.18 06:29:03 -
[6] - Quote
foxjazz wrote:I read those docs, but I didn't understand them. Where do you get the character ID? is an api key needed for that?
The preferred method is a special "verify" endpoint that you use immediately after SSO and it returns you the CharacterId, CharacterName and CharacterHash
https://eveonline-third-party-documentation.readthedocs.io/en/latest/sso/obtaincharacterid.html
In my implementation, I have a Base20ClientInfo class which contains the access_token and refresh_token (and other state) associated with the OAuth v2.0 Authentication (SSO), this is extended by a CrestClientInfo that adds in this verify data. The access_token contained in the Base20ClientInfo along with the CharacterId in the CrestClientInfo can then be used on the large majority of xml-api calls via using the access_token in place of the old api keys as shown here:
https://eveonline-third-party-documentation.readthedocs.io/en/latest/xmlapi/authentication.html (see the SSO Access tokens section) and then using the CharacterId as documented in the various endpoints that require it.
You can still use the old xml-api keys obtained manually from the users like existing external third party applications, however if you are writing new code it would be best to bite the bullet and figure out the SSO and consider the xml-api keys deprecated.
I am attempting to write a middle-tier framework that others could readily extend. If you are writing a brand new application feel free to contact me to see if we can make it work.
|
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.18 17:46:56 -
[7] - Quote
Hi I have a relatively new app. And I have read further the docs. I would like to use SSO but I am at a loss of how to obtain the SSO access token.
My eve app is http://evemarket.foxjazz.net
I want to add some features to my app based on character location. I think my app should be able to get an access tolken, but when I tried : https://login.eveonline.com/oauth/verify
I received errorcode message. And I am logged on to eve as foxjazz at this time.
Regards, Joe |
Salgare
Satan's Gut
2
|
Posted - 2016.07.18 18:01:06 -
[8] - Quote
Hey Joe, I jumped you a bit further into the doc to that "verify" endpoint. Start right at the beginning to see how to get the access token https://eveonline-third-party-documentation.readthedocs.io/en/latest/sso/index.html
I don't know how the scripting languages are doing the three phase OAuth authentication (SSO) and so others will need to help you there.
I'm looking at working RabitMq into my framework at this time to see if my framework could not provide that for you (as well as the location and/or whatever other data you need). If you are fairly versed in php or whatever you are using and coded that side of the queue we could work together and try it out.
https://www.rabbitmq.com/devtools.html#php-dev
I'll provide the backend server. |
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.18 20:00:33 -
[9] - Quote
Hi, so your right, there is not clear instructions on how to do the SSO. Where is the example of getting a token so that I can build a request to get a key?
I like RabbitMQ, what might be useful is to subscribe to price data based on location and type.
I don't know php, I am working with angular2 javascript to pull data.
so based on an observable http request I could act on messages.
Joe
|
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.18 20:05:25 -
[10] - Quote
oh I am finding out more. need to read more docs! |
|
Salgare
Satan's Gut
2
|
Posted - 2016.07.18 23:00:56 -
[11] - Quote
You did see the SSO sections on client side applications right? There are about 3 options suggested with pros/cons. However they are less optimal than a service on the server which I'm sure angular would give you. My framework (crestj) is java and written for the business and database tiers.
I assume angular could provide a service but understand your hesitancy to go to that expense (code, time and money). The Location you want is only available via SOS. Crestj will handle multiple capsuleers, in fact it can handle multiple applications. I'm planning on running it on an Amazon AWS medium instance which would cost about 60 bucks a month.. If several apps shared it, it could be a real cheap server.
If you are interested, I was thinking just like you for rabbitMQ, the endpoint uri's would be a natural subscription. It would require a few RPC api's for the client to push me the "authentication button pushed" event and possibly some limited set of configuration information.
I'm setting up my server right now with rabbit, and php. I'm using postres for my persistence and will provide request/reply db api's to the databases (cpp static and my ACL groups/rights/refresh token tracking etc.). I'm using Tomcat and assume we could get angular working with it. If you are interested in a "public cache" shared by multiple applications let me know.
my part is all github/opensource anyone could run their own private servers as well, along with reviewing for security to make sure no snooping of confidential data is leaking out.
|
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.18 23:27:53 -
[12] - Quote
Salgare wrote:You did see the SSO sections on client side applications right? There are about 3 options suggested with pros/cons. However they are less optimal than a service on the server which I'm sure angular would give you. My framework (crestj) is java and written for the business and database tiers.
I assume angular could provide a service but understand your hesitancy to go to that expense (code, time and money). The Location you want is only available via SOS. Crestj will handle multiple capsuleers, in fact it can handle multiple applications. I'm planning on running it on an Amazon AWS medium instance which would cost about 60 bucks a month.. If several apps shared it, it could be a real cheap server.
If you are interested, I was thinking just like you for rabbitMQ, the endpoint uri's would be a natural subscription. It would require a few RPC api's for the client to push me the "authentication button pushed" event and possibly some limited set of configuration information.
I'm setting up my server right now with rabbit, and php. I'm using postres for my persistence and will provide request/reply db api's to the databases (cpp static and my ACL groups/rights/refresh token tracking etc.). I'm using Tomcat and assume we could get angular working with it. If you are interested in a "public cache" shared by multiple applications let me know.
my part is all github/opensource anyone could run their own private servers as well, along with reviewing for security to make sure no snooping of confidential data is leaking out.
What you are saying seems very cool. https://eveonline-third-party-documentation.readthedocs.io/en/latest/sso/authentication.html I read the docs on the above link. No client side info, just sso authentication with callback.
But I don't see any examples of how to implement the request, that's where I went off reading the other SSO docs :(
If there was a way to publish my app on that server it would be fine with me. I am github open source as well. https://github.com/foxjazz/evemonkey.git
If I am understanding, RPC api's for the "eve client" to authenticate? That would be nice. Or do you mean the SPA app client? what's the git address for your part? Talk soon,
foxjazz/Joe |
Salgare
Satan's Gut
2
|
Posted - 2016.07.18 23:58:00 -
[13] - Quote
https://forums.eveonline.com/default.aspx?g=posts&m=6558577#post6558577
To do the sso correctly, you really need a web server, I have just enough Wicket (a java web app framework) in place to do the OAuth. Other than the Eve Authentication button the three phase authentication requires no view. So I think we could use the queue as the "button" to jump to my viewless url's.
I have a lot of things left to do, but the authentication, cache engine, event callbacks, and essential db implementation is currently working. I've been wanting to get a good full of the high level systems before diving into the 120 or so json/xml marshaling to cover all the endpoints. But like I say, I've been focused on only a couple endpoints at this time.
i.e. I could implement the new Location endpoint you want in about a half hour.
Can you point me to some angular download/installation documentation to get it installed on the development server?
I see there are at least two versions |
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.19 00:16:41 -
[14] - Quote
Hi,
https://github.com/antonybudianto/angular2-starter
this is the angular starter that I am currently using. And you will find it reliable. Using visualstudio code for my dev tools.
Read the readme to get it up and running.
Angular2 not angular is what I am using, and they justify using observables for their http client services.
My current app has plenty of examples of those. As far as angular docs that I use
https://angular.io/docs/ts/latest/quickstart.html
Joe |
Salgare
Satan's Gut
2
|
Posted - 2016.07.19 00:33:07 -
[15] - Quote
I'll get back to you when I'm pushing the queue for location. I work full time, so might be a few days |
Salgare
Satan's Gut
2
|
Posted - 2016.07.19 07:28:39 -
[16] - Quote
I did not realize angular2 == nodejs
Well I have the quickstart running and your code cloned to the server box. I noted the quickstart hit the browser with localhost:3000 ... which is good news, I was afraid we would have to fight port 80 issues.
Oh, and I'm not sure what I was thinking on the authentication going through the queue ... none of my side has dialogs needed in the view, but the ccp login dialog sure does ... but I'm already persisting the Capsuleer's name and his refresh_token in my db the first time I see a new one. Thus users are required to use my simple Wicket framework view for a one time authentication for me to capture their this information. I'm then their permanent "agent" until/unless they cancel it in support->3rdparty apps.
It would be nice to have one initial push from the normally consumer side of the queue to the java producer side with a list of scopes the application will require. Otherwise I'll need to provide them a checkbox list of all of them and they would need to know which ones were required .... we need to think of a good way to keep the user out of this loop.
This Wicket gui will grow a bit for providing dialogs for setting up the access groups and rights for capsuleer sharing, system health/control etc.
The other thing that will need playing with is very large data. The cache already notes in the objects the last refresh time, next refresh time, last access time so I can drop old/unused objects smartly. But java has "iterators" which allow for lazy evaluation for all of the page walking type endpoints, where it may be best to only get/cache x number of pages per pull and wait for some indication from the consumer they are going to keep paging and want more look ahead.
So it's like a maintenance/control site for a cache/framework/rabbitmq that just runs daemon under the covers all the time.
This is working out cool. I also have PHP all loaded up ...there is a bridge that allows for direct API/RPC calls between php and java, but I'll look at if it even makes sense to push data to PHP. Either way that one is covered. I also have the server loaded with RabbitMQ, so I'll get to work on learning/coding up the java side of that next.
anyway, I'll get back when I have something more working with rabbitMq |
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.21 02:23:32 -
[17] - Quote
Salgare wrote:I did not realize angular2 == nodejs
Well I have the quickstart running and your code cloned to the server box. I noted the quickstart hit the browser with localhost:3000 ... which is good news, I was afraid we would have to fight port 80 issues.
Oh, and I'm not sure what I was thinking on the authentication going through the queue ... none of my side has dialogs needed in the view, but the ccp login dialog sure does ... but I'm already persisting the Capsuleer's name and his refresh_token in my db the first time I see a new one. Thus users are required to use my simple Wicket framework view for a one time authentication for me to capture their this information. I'm then their permanent "agent" until/unless they cancel it in support->3rdparty apps.
It would be nice to have one initial push from the normally consumer side of the queue to the java producer side with a list of scopes the application will require. Otherwise I'll need to provide them a checkbox list of all of them and they would need to know which ones were required .... we need to think of a good way to keep the user out of this loop.
This Wicket gui will grow a bit for providing dialogs for setting up the access groups and rights for capsuleer sharing, system health/control etc.
The other thing that will need playing with is very large data. The cache already notes in the objects the last refresh time, next refresh time, last access time so I can drop old/unused objects smartly. But java has "iterators" which allow for lazy evaluation for all of the page walking type endpoints, where it may be best to only get/cache x number of pages per pull and wait for some indication from the consumer they are going to keep paging and want more look ahead.
So it's like a maintenance/control site for a cache/framework/rabbitmq that just runs daemon under the covers all the time.
This is working out cool. I also have PHP all loaded up ...there is a bridge that allows for direct API/RPC calls between php and java, but I'll look at if it even makes sense to push data to PHP. Either way that one is covered. I also have the server loaded with RabbitMQ, so I'll get to work on learning/coding up the java side of that next.
anyway, I'll get back when I have something more working with rabbitMq
|
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.21 02:25:27 -
[18] - Quote
Salgare wrote:I did not realize angular2 == nodejs
Well I have the quickstart running and your code cloned to the server box. I noted the quickstart hit the browser with localhost:3000 ... which is good news, I was afraid we would have to fight port 80 issues.
Oh, and I'm not sure what I was thinking on the authentication going through the queue ... none of my side has dialogs needed in the view, but the ccp login dialog sure does ... but I'm already persisting the Capsuleer's name and his refresh_token in my db the first time I see a new one. Thus users are required to use my simple Wicket framework view for a one time authentication for me to capture their this information. I'm then their permanent "agent" until/unless they cancel it in support->3rdparty apps.
It would be nice to have one initial push from the normally consumer side of the queue to the java producer side with a list of scopes the application will require. Otherwise I'll need to provide them a checkbox list of all of them and they would need to know which ones were required .... we need to think of a good way to keep the user out of this loop.
This Wicket gui will grow a bit for providing dialogs for setting up the access groups and rights for capsuleer sharing, system health/control etc.
The other thing that will need playing with is very large data. The cache already notes in the objects the last refresh time, next refresh time, last access time so I can drop old/unused objects smartly. But java has "iterators" which allow for lazy evaluation for all of the page walking type endpoints, where it may be best to only get/cache x number of pages per pull and wait for some indication from the consumer they are going to keep paging and want more look ahead.
So it's like a maintenance/control site for a cache/framework/rabbitmq that just runs daemon under the covers all the time.
This is working out cool. I also have PHP all loaded up ...there is a bridge that allows for direct API/RPC calls between php and java, but I'll look at if it even makes sense to push data to PHP. Either way that one is covered. I also have the server loaded with RabbitMQ, so I'll get to work on learning/coding up the java side of that next.
anyway, I'll get back when I have something more working with rabbitMq
|
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.21 02:38:59 -
[19] - Quote
The forum doesn't want to take my input.
angularjs is browser based and uses NPM package manger. It is not NODE! Node is computer based not browser based.
Now that that is over with, I can use user and pass for authentication if I know what to hit to get the token. These can be saved locally.
as far as rabbit watches a json request for the client to use could look something like:
watch: {typeid: 1234; location.name: 'jita plant'; condition: 'price < 100000000'}
|
Salgare
Satan's Gut
3
|
Posted - 2016.07.21 14:33:23 -
[20] - Quote
foxjazz wrote:The forum doesn't want to take my input.
what do you mean?
Quote: angularjs is browser based and uses NPM package manger. It is not NODE! Node is computer based not browser based.
https://angular.io/docs/ts/latest/quickstart.html - see prerequisite https://docs.npmjs.com/getting-started/what-is-npm - see getting started step 2 sure looks like its node.js based to me.
Quote: Now that that is over with, I can use user and pass for authentication if I know what to hit to get the token. These can be saved locally.
no - you can get old api ID/Code and capsuleer and save them locally (but only required for one Account endpoint) or use SSO and store the refresh_token and capsuleer.
Quote: as far as rabbit watches a json request for the client to use could look something like: watch: {typeid: 1234; location.name: 'jita plant'; condition: 'price < 100000000'}
I don't know javascript, but yes, that "watch" indicates a "listener" for an async callback.
|
|
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.21 20:23:36 -
[21] - Quote
Hey, sorry to be jumpy... https://www.quora.com/What-is-the-difference-between-Angular-js-and-Node-js
Angular is a javascript framework for building component html/client browser based apps. In my angular app, any browser can run it and it will call api's on the back end.
Also you are welcome to add a client based SSO to the app I have on github: https://github.com/foxjazz/evemonkey.git
Feel free to show off your skills, when it comes to SSO, I don't have any skills yet. I don't believe making users get an API for this app is the right approach.
I don't know if you work for CCP but if you do: Maybe you should allow facebook users to login to eve as facebook users.
Now yes I do have a small user base that enjoys the use of the evemarket tool. And I can put in some client based arguments for adding notifications. I am not fond of polling.
have you looked at this: https://developers.google.com/web/fundamentals/getting-started/push-notifications/ I am green with it, but hey it's google.
I have had success with SignalR as a push notification service, it's very effective. I haven't had time to configure your app yet. The thought of programming in java is holding me back.
However NodeJS is a great tool for developing server based apps.
|
Salgare
Satan's Gut
3
|
Posted - 2016.07.21 22:13:51 -
[22] - Quote
semantics, so a don't care ... I'd suggest the api's on the back end is why the prereq and first installation steps of angular is to have nodejs installed.
I've got tons to do in my snowflake at this time, and don't have any experience with javascript. All I have to offer you at this time is if you are interested in utilizing a client side cache/bridge to ccp functionality. You call the java business tier instead of ccp directly.
Quote: Feel free to show off your skills, when it comes to SSO, I don't have any skills yet.
funny! The crew here had to educate me on the permanent nature of ccp's SSO in regards to the refresh_token. As long as you can redirect from your authenticate button page to an external url and provide that external server a url that it can then redirect to ... it's really pretty straight forward.
Quote: I don't believe making users get an API for this app is the right approach.
nor do I, I thought you mentioned something about a user/pass login which is not wanted with SSO
|
Salgare
Satan's Gut
3
|
Posted - 2016.07.21 22:14:55 -
[23] - Quote
Quote: I don't know if you work for CCP but if you do: Maybe you should allow facebook users to login to eve as facebook users.
NO I do not work for ccp.
yes, typically its always better to go event driven if given the option.
Quote: I haven't had time to configure your app yet. The thought of programming in java is holding me back. However NodeJS is a great tool for developing server based apps.
As I've said elsewhere, one of the toughest choices is picking your technologies and what silo's they will lock you into. Nodejs (angular clients) is an excellent choice. It is used in-house where I work, side by side with java. I think your decision is rather to learn/code java for the backend, or jump into NodeJs server side coding if you don't want to rely on the java business tier concept.
|
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.22 01:47:44 -
[24] - Quote
Funny you should say that. I come from a c# back ground. And understand OO very well indeed. angular/angular (angular2) is written using typescript which is very OO.
I understand where you are coming from, I come originally from c++ which can be a pain to deal with.
I haven't done PHP. I did do some java years ago, but found c# more useful.
That's my landscape. |
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.22 04:45:11 -
[25] - Quote
The java tool idea you suggested doesn't work in my case. There would be no way to authenticate because none of the clients would have java code to run. My app is browser based only. There is no install.
OAuth
Unless you can think of a way to provide http auth request that doesn't need a callback, the api key minimal is the only way I can think of making this work for me.
|
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.22 05:07:04 -
[26] - Quote
Hey, if you don't mind me using your ec2 for some proof of concepts, send me an eve mail with some credentials.
I would setup a python server port 82 or so.
|
Salgare
Satan's Gut
3
|
Posted - 2016.07.22 13:27:57 -
[27] - Quote
foxjazz wrote:Hey, if you don't mind me using your ec2 for some proof of concepts, send me an eve mail with some credentials.
I would setup a python server port 82 or so.
It's on a work account that I need to get off of so I can't share credentials. One reason I was offering up the CAC. A medium instance (3.7gig mem) is about 55 bucks a month. I can fire up the server and open up the port for you.
Here in Utah it's a long weekend and I'm leaving this morning and gone through Monday. |
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.26 15:07:17 -
[28] - Quote
Hey, do you have a slacker account? Please invite me. foxr4 @foxjazz.net
fj |
Steve Ronuken
Fuzzwork Enterprises Vote Steve Ronuken for CSM
6118
|
Posted - 2016.07.26 22:57:59 -
[29] - Quote
Just a quick note:
It's possible to do Eve SSO with the implicit path, thus receiving, at the client, an access token. (not, however, a refresh token. So you have 20 minutes before you need to auth again)
Doable in pure JS.
https://www.fuzzwork.co.uk/market/viewer2/ is an example of how to do the auth, and interact with crest. Once you have the access token, you can access things like the location endpoint (assuming you asked for the scope for it)
Woo! CSM XI!
Fuzzwork Enterprises
Twitter: @fuzzysteve on Twitter
|
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.27 02:30:13 -
[30] - Quote
the docs say it needs a redirect uri.
Can I provide a client based uri for the server callback?
It would be easier if I could call the login.eveonline.com where the websight would take the user and pass, then provide me with an access token (or a redirect uri) so the browser/client could then receive the access token.
Barring that it isn't clear how to get an access token without providing an api key etc...
It would seem that client could send a user and pass to the login page and then get a token for use within the app. But I am not certain yet how my client would display a page from the eve site.
So the api key is the only way I can see the client doing it. Keep in mind, there is no web-server involved in this process, except servers provided by crest.
fj |
|
|
|
|
Pages: [1] 2 :: one page |
First page | Previous page | Next page | Last page |