EVE Forums

 
Capture Portrait
  • Date of Birth: 2011-07-07 21:26
  • First Forum Visit: 2012-03-04 12:47
  • Number of Posts: 62
  • Bounty: 0 ISK
  • Likes Received: 9

Snitch Ashor

Security Status -9.7
  • Black Rise Guerilla Forces Member since
  • The Bloc Member since

Last 20 Posts

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Pohwaran wrote:

    It goes back all the way back to the core installation of the forum itself, on the second page after setting up an admin user it asks for the database, I was installing the forum with MySQL with MySQLi Extension as the database type, using this type of database the Evesso would spit the error of invalid auth state. I then went and reinstalled the whole forum under the normal MySQL database, installed the plugin again and it worked like it should, and has been working fine since I fixed the database type.

    Overall it's a great plugin, can't wait to see what else you add to it.


    I have to admit this should not be the case and Mysqli should be used. I will try to reproduce that error. As for features, somebody already requested to see corp and alliance next to peoples names, I think thats a nice gimmick.

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Pohwaran wrote:
    Hey,

    I installed everything like said, had a few problems with the callback url but got that sorted. Now I'm stuck at "Error: Invalid auth state." The DB is set to evesso, I made sure of that. Any help would be appreciated.
    Thanks.

    Edit - I fixed it turns out it was something to do with the way the database was set up. I was using MySQL with the extension, when my web host didn't use the extenion, change the database type, reinstalled the forum + the EVE SSO and it works like a charm


    Glad it works now. Could you tell me what you changed to get around the database issue?

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Paic Aishai wrote:

    Updated to v1.0.2a, all good. Thanks for the quick fix man !


    Thats also what I thought but 1.0.2 breaks a part of the ACP, fixed here: 1.0.3a In this one language and ACP should be working.

    Also anyone running 1.0.0 and having issues with logouts occuring very often, please update and let me know if it got better.

  • 3rd Party non-browser app and OAuth2 in EVE Technology and Research Center

    Padruda Ehinu wrote:
    Hello out there,

    I have questions regarding the OAuth2 SSO of EVE and the development of 3rd party apps.

    I am developing a tool for myself and later my alliance to handle certain tasks.(Namely: Everything in one tool)

    I want to use the CREST API as well. That means, I have to come across a way to use the SSO and retrieve a user auth token(as from the 3rd party developer guide).

    I think of following:
    - The User connects to my server app (with the client app)
    - If the client doesn't have a server auth token OR it expired on the server side, request a new one
    - - Server has a HTTP Server running and his own server thread.
    - - Server creates a SSO URL and sends it to the client
    - - The client opens the browser and user logs in
    - - redirect_uri points to the server HTTP instance
    - - Server stores the data, creates a app specific token and sends it the client for session usage.
    - If client has an auth token AND sso token is valid:
    - - continue normal stuff

    Does this break the trust chain?

    As far as I understand, I have to let the user add his credentials on the SSO website and retrieve my token. Am I allowed to set the redirect _uri to my server app and proxy the access_token there?


    What you scetch there sounds technically fine to me. It is exactly the way how browser apps work. In your description, replace client with 'browser' and sso token with 'cookie' or 'password login' and it's a browser app.

    Cheers,
    Snitch

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Felicity Stihl wrote:
    I did however notice an odd thing with the original build, I have phpbb's timeouts set to several days, but the user session will time out within less than an hour, and require relogging, is that by design, and/or can I change the timeouts somewhere , or is this something that the new commit may have fixed ? (Just applied it, so I'll know within a few hours)
    EDIT: Seems like the timeout issues are fixed, my sessions even persisted between reboots...
    EDIT2: Scratch that, times out after an hour..


    I tried a lot of things regarding this but I'm still not entirely sure why logouts sometimes occur after an hour and most of the time (at least for me) not in days. I posted some more details here:

    https://bitbucket.org/snitchashor/php-ext-authevesso/issues/1/user-sessions-timing-out-inconsistently

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Paic Aishai wrote:
    Small issue here too : it seems that when the EveSSO auth method is selected, some part of the board (home page, like "who is online" , statistics ; few strings in UCP/ACP ; ...) are not in the default board language.
    When I switched back to Db auth method everything was ok.

    I also tried to reinstall the language but it did not change anything. Can it may come from the extension ?


    Definetly a bug of the extension thanks, should be fixed in v1.0.2.

    Btw. the mod is not yet translated but programmed in a way so it should be easy to translate. If someone is in the mood to do a translation, let me know, its only about 30 lines of text, mostly related to the ACP. In phpBB, mods will always fallback to english if the right translation is not available, but this only works if english is not deinstalled.

    Bests,
    Snitch

  • EVEpoll: Webpage to create polls for capsuleers in EVE Technology and Research Center

    Hi all,

    I want to introduce a simple web app to create polls for EVE pilots:

    EVEpoll

    Current features


    • SSO to authenticate
    • Create polls, available to your corp, alliance or anyone
    • Define the duration for your poll(s)
    • Select whether initial choices can be changed
    • Select whether or not the result is visible before the poll ends (owners will always see it)
    • End your poll at any time
    • Delete your poll(s) (Yes, they are removed completely)
    • Browse polls available to your corp or alliance
    • Mobile friendly


    Have fun and let me know if it breaks.

    So long,
    Snitch

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Yeah I know about the persistent login problem, its on the todo list. Right now I try to use phpbbs builtin remember me function, but it still fails most of the time, need to do some diggin there.

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Felicity Stihl wrote:

    To anwser my own post:
    Found two issues,
    1. had to explictly set the php variable "register_globals" to off
    2. had to install php-curl (which is not mentioned as a requirement anywhere)

    Seems to work now, except for the fact that when I log in, I get a error complaning about "INSECURE_REDIRECT".. (things still work if I refresh)


    Thanks a lot.

    Indeed php5.5+ with curl is a requirement for the API client library, added that to the opening post and readme.
    I'm abit confused about the other part since register_globals = OFF should be default since php 4.x and phpBB itself should complain if its on...


    The INSECURE_REDIRECT, is that a phpBB error message and when does it appear?

    I uploaded a version 1.0.1 (Download Link in the opening post) which should fix the problem about databases not being created on install.

    @Felicity Stihl could you try this commit that should fix your insecure redirect warnings.

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Felicity Stihl wrote:
    Quick update:

    Made a new VM to test this on, completley vanilla ubuntu 16.10 , just installed mod_php, apache2, phpmyadmin, and mysql. installed a fresh version of phpbb 3.2 and added your plugin, so far so good..

    after installing, and activating the plugin, I cannot access the /authevesso/login url (http://172.16.32.149/phpbb/authevesso/login?target=http%3A%2F%2F172.16.32.149%2Fphpbb%2Findex.php)




    Thanks for testing, will do the same, the only difference to my test enviroment is ubuntu16.10 and prly the mysql version. Will let you know if i can figure out what it is.

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Felicity Stihl wrote:
    Cool project

    I installed it without a hitch, but when I enable authentication, I will get a 404 error when trying to hit the login button.

    The 404 is for forums.domain.tld/authevesso/login (my phpbb install is not in a subdirectory)

    Any ideas on this one ?



    Will have to try and reproduce it. If you feel like trying it on a subfolder, let me know if it works.

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Paic Aishai wrote:
    Thanks man. Cool project you're working on here !

    I also tried to install this and ran into the same problems as Milo. After following your instructions, the extension page is now accesible and database schemas seems ok, but when I try to login, I get an "Invalid auth state." error.

    The auth state seems to be passed along correctly during the OAuth process, it is even set correctly in the database (phpbb_sessions.session_authstate)

    Any ideas ?


    So basically what is supposed to happen is the auth state, which is just a random number is stored in the session sb before sending the user to the sso page and the response is compared afterwards. Not sure what goes wrong there. Could you post or pm me your forum address?

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Yeah you are right. You can disable board registration yourself for now in the ACP. I will either disable the button or just forward registration to the sso as well.

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Thanks for reporting back, could you do one more quick check just look if the file

    _phpBBinstall_/phpbb/db/migration/migration.php is present and tell me what php version you are running please?

    Thanks.

    Btw since all migrations require that class, the one that creates the profile field to enter the teamspeakID might be missing as well. You can just create it under users-> custom profile fields:

    Identifier: authevesso_tsid Type: single text field.

    Publicly display profile field: NO and the only options that should be ticked are:
    Display in user control panel
    Hide profile field

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    That is related to the first I guess, looks like the migration that installs database tables and columns is not executed at all in your case, will try to figure out what went wrong. If you want to retry you have to deinstall the mod and delte all data of the mod in the customization tab.

    If you could try the following please:

    Disable the mod.
    Delte Data for the mod.

    Reenable it and give it a try. If the same error occurs, here's how to create the DB entries required:

    ALTER TABLE phpbb_users ADD (
      `user_refreshToken` varchar(255) COLLATE utf8_bin DEFAULT NULL,
      `user_characterID` bigint(20) DEFAULT NULL,
      `user_lastAPI` int(11) UNSIGNED DEFAULT NULL,
      `user_APIfailcount` mediumint(8) UNSIGNED DEFAULT NULL
    );

    ALTER TABLE phpbb_sessions ADD (
      `session_authstate` varchar(255) COLLATE utf8_bin DEFAULT NULL,
      `session_refreshToken` varchar(255) COLLATE utf8_bin DEFAULT NULL,
      `session_characterID` bigint(20) DEFAULT NULL,
      `session_characterName` varchar(100) COLLATE utf8_bin DEFAULT NULL
    );

    CREATE TABLE `phpbb_authevesso_groups` (
      `id` bigint(20) DEFAULT NULL,
      `name` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '',
      `type` varchar(20) COLLATE utf8_bin NOT NULL DEFAULT '',
      `forum_group` mediumint(8) UNSIGNED DEFAULT NULL,
      `ts_group` mediumint(8) UNSIGNED DEFAULT NULL
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Milo Caman wrote:
    Super happy to see this again, but seeing this when I try to log into my fresh forum after setting up:

    SQL ERROR [ mysqli ]

    Unknown column 'session_authstate' in 'field list' [1054]

    Don't have access to my database from work, so will reset the auth method and have a closer look when I get home in a few hours, but if there's any quick fixes to this that'd be excellent.



    Hmmm weird, that column should have been installed with the mod. Will try it myself on a fresh install.

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Reserved.

  • phpBB 3.2 EVE SSO / ESI extension [alpha] in EVE Technology and Research Center

    Hi all,

    This is a first alpha version of a phpBB extension that enables Single sign on for registration and login to the phpBB forum software: Downloads

    Current features:


    • phpBB auth provider (replaces regular login completely)
    • Login / Registration using EVE accounts
    • Group management based on corp / alliance (using ESI to fetch)
    • Teamspeak serverGroup management based on corp / alliance


    Requirements:


    • phpBB 3.2 or above
    • php5.5 or above with php-curl installed
    • A valid EVE Online subscription (you need one to register a developer app.)



    Installation and setup:

    This extension is under development, if you install it on anything but a fresh and empty board, backup your database and files now.


    1. Upload the contents of the zip to your forum root (the zip should already contain the directory structure /ext/snitch/authevesso)
    2. Go to the ACP
    3. Enable the extension under 'Customise', if it doesnt show up check the directory structure.
    4. Go to developers.eveonline.com and create an App, select API access the scope esi-corporations.read_corporation_membership.v1, set the callback url to server/forumurl/authevesso/login
    5. Go to you forum ACP: General - Client communication - Authentication
    6. Enter your app id and secret you got in the above step, as well as the Admin character name (Important: This has to be an eve character you will use from now on to log in as admin. If this char already exists as a board user, make him a founder and grant all permissions now.)
    7. Save Settings
    8. Change authentication method to Evesso and save.
    9. Log in with the admin EVE char and purge the forum cache in the ACP.
    10. Start adding Groups / Teamspeak groups under 'Extensions'

    if something goes wrong and you locked yourself out, access your database and find the key auth_method in your phpbb_config table and change it from 'evesso' to 'db'.


    To do:


    • Implement logging
    • Testing
    • Better session management (when logging in from multiple devices)
    • ???


    A few notes how its working:

    This extension automatically creates a forum user account for evey user that logs in with his eve account.
    It only handles the groups configured in the extensions ACP menu, it will not add OR REMOVE from any of the groups / teamspeak groups not entered there.
    phpBB3.1+ has a new cron system. if you wish to run the cron jobs manually, the command to do so is: php _install_dir_/bin/phpbbcli.php cron:run (set to run e.g. once in 15 minutes, dont worry, the actual jobs run at different intervals) In that case, go to your boards server settings and set 'run periodic tasks from system...' to 'yes'.


    Credits:

    Inspired by EVE API for phpBB 3.0 by Cyerus and phpBB 3.1 Authentication Provider for Shibboleth
    Using the Teamspeak PHP framework
    ESI client generated using swagger codegen

    Happy testing,

    Report any bugs you ancounter here or to admin@brgf.de
    If you wanna support this project, feel free to throw some ISK at Snitch Ashor

    o7, Snitch

  • eve-sso-auth: no character ID returned in EVE Technology and Research Center

    This is a part of my sso class that might help you. Its based on Steves script. Once I got the code i use this to get a token:

        
    public function setCode($code) {
            $this->code = $code;

                    $url = 'https://login.eveonline.com/oauth/token';
                    $header = 'Authorization: Basic '.base64_encode($this->config['evesso_clientid'].':'.$this->config['evesso_code']);
                    $fields_string = '';
                    $fields = array(
                        'grant_type' => 'authorization_code',
                        'code' => $code,
                        );
                    foreach ($fields as $key => $value) {
                        $fields_string .= $key.'='.$value.'&';
                    }
                    rtrim($fields_string, '&');
                    $ch = curl_init();
                    curl_setopt($ch, CURLOPT_URL, $url);
                    curl_setopt($ch, CURLOPT_USERAGENT, self::$userAgent);
                    curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
                    curl_setopt($ch, CURLOPT_POST, count($fields));
                    curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
                    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
                    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
                    $result = curl_exec($ch);
                    if ($result === false) {
                        $this->error = true;
                        $this->message = (curl_error($ch));
                    }
                    curl_close($ch);
                    if (!$this->error){
                        $response = json_decode($result);
                        $this->accessToken = $response->access_token;
                        $this->expires = (strtotime("now")+1000);
                        $this->refreshToken = $response->refresh_token;
                        $result = $this->verify();
                        return $result;
                    } else {
                        return false;
                    }
        }


    In the last step i call verify, which then gives you characterid and name:


    public function verify() {
        if (!isset($this->accessToken)) {
                        $this->error = true;
                        $this->message = "No Acess Token to verify.";
                        return false;
            } else {
                        $verify_url = 'https://login.eveonline.com/oauth/verify';
                        $ch = curl_init();
                        $header = 'Authorization: Bearer '.$this->accessToken;
                        curl_setopt($ch, CURLOPT_URL, $verify_url);
                        curl_setopt($ch, CURLOPT_USERAGENT, self::$userAgent);
                        curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
                        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
                        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
                        $result = curl_exec($ch);
                        if ($result === false) {
                            $this->error = true;
                            $this->message = (curl_error($ch));
                        }
                        curl_close($ch);
                        if ($this->error) {
                return false;
                }
                            $response = json_decode($result);
                            if (isset($response->error)) {
                                $this->error = true;
                                $this->message = $response->error;
                                return false;
                            }
                            if (!isset($response->CharacterID)) {
                                $this->error = true;
                                $this->message = "Failed to get character ID.";
                                return false;
                            }
                            $this->characterID = $response->CharacterID;
                            $this->characterName = $response->CharacterName;
                            $this->scopes = explode(' ', $response->Scopes);
                            if ($this->scopes == null || $this->scopes == '') {
                                $this->error = true;
                                $this->message = 'Scopes missing.';
                                return false;
                            }
                            $this->ownerHash = $response->CharacterOwnerHash;
                    }
            return true;
        }


    You might strip it down quite a bit e.g. when not using scopes but i hope it gives you an idea.

  • [WIP] Fleet-Yo fleet management tool. in EVE Technology and Research Center

    Hi there,

    I came up with a little tool (webpage) to manage and track fleets. This tool is inspired by others out there, mainly the agony fleet manager which relied on the IGB.
    Heres a short list of current features:


    • Select backup FCs so they can see what ingame is visible to the boss only
    • Fleet members can post fittings so the fc gets a precise composition
    • Backup FCs can make fleet invites using the webpage


    The page is written in php/mysql and uses esi as the only api.
    Source is here: https://bitbucket.org/snitchashor/fleet-yo
    Demo is here: https://fleet-yo.tk (restricted access)

    Requirements:

    • php 5.5+
    • php-curl
    • MySQL
    • php-mysqli
    • For certain features (persistent cookie login), site should be running via ssl


    So here's a couple of screens:

    https://fleet-yo.tk/img/fleetyo_1.png
    https://fleet-yo.tk/img/fleetyo_2.png
    https://fleet-yo.tk/img/fleetyo_3.png

    And last but not least a couple of credits/software used:

    ESI php client generated with swagger-codegen
    Auth was adopted from Fuzzy Steve's EVE SSO Auth
    Fuzzy Steve's Static dump mysql conversion
    jQuery
    jQuery datatables
    Twitter typeahead.js
    Nakupanda's Bootstrap Dialog

    Cheers,
    Snitch