Pages: 1 [2] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Steve Ronuken
Fuzzwork Enterprises Vote Steve Ronuken for CSM
6120
|
Posted - 2016.07.27 12:25:53 -
[31] - Quote
foxjazz wrote:the docs say it needs a redirect uri.
Can I provide a client based uri for the server callback?
It would be easier if I could call the login.eveonline.com where the websight would take the user and pass, then provide me with an access token (or a redirect uri) so the browser/client could then receive the access token.
Barring that it isn't clear how to get an access token without providing an api key etc...
It would seem that client could send a user and pass to the login page and then get a token for use within the app. But I am not certain yet how my client would display a page from the eve site.
So the api key is the only way I can see the client doing it. Keep in mind, there is no web-server involved in this process, except servers provided by crest.
fj
Look at the code I provided.
The redirect from the SSO server takes you straight back to the same page you came from, and _javascript_ handles the auth. My server, other than serving the html and the js, doesn't get involved in the process.
Woo! CSM XI!
Fuzzwork Enterprises
Twitter: @fuzzysteve on Twitter
|
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.27 15:42:07 -
[32] - Quote
Hi Steve,
I clicked on that link, and it doesn't serve up code :(
I think maybe you could script me some code, or link a place I could see code?
fj |
foxjazz
Froosh INC. Thoroughly Inebriated
0
|
Posted - 2016.07.27 16:03:09 -
[33] - Quote
Steve, I looked at the source as well.
Here is the problem I have with it: the redirect is going to here:
https://www.fuzzwork.co.uk/market/viewer2/&state=e2977fb7-2aa1-4d57-b007-765f5cf85480
Should I setup the same redirect and call something at fuzzwork to get a clientid?
As I was saying before, my app is client based browser only. There is no server. www.fuzzwork.co.uk/market/viewer2&state indicates there is a server action in play.
fj |
Steve Ronuken
Fuzzwork Enterprises Vote Steve Ronuken for CSM
6121
|
Posted - 2016.07.27 20:38:15 -
[34] - Quote
There's no server action there. seriously. It's all in the JS.
https://www.fuzzwork.co.uk/market/viewer2/marketExplorer.js is the main file behind it.
The state is stored as a cookie on the client, to make sure the redirect is coming in form the right place, and there's no CSRF going on. (the code is somewhat lifted from someone's contact management code. as you can see in the comments at the top)
Woo! CSM XI!
Fuzzwork Enterprises
Twitter: @fuzzysteve on Twitter
|
|
|
|
Pages: 1 [2] :: one page |
First page | Previous page | Next page | Last page |