ESI Authenticated calls with swagger generated client


(Black Madness) #1

Hi, i am developing a pretty big industry tool, and of course i need to consume esi endpoints. I have managed to handle SSO flow, which returns me a proper couple of access/refresh tokens.

In order not to go crazy with scopes, i am actually requiring all the scopes.

In order to consume the ESI endpoints, i have generate the code from the swagger specs (yeah,i know that there are lots of tools, but need to do like this for now); i used openapi-generator; i am anyway not able to make authenticated calls.

I am making a character call to inspect the issue:

def generate_eve_wallet_api_client():
    eve_api_wallet = eveclient.CharacterApi()
    eve_api_wallet.api_client.host = "https://esi.tech.ccp.is"
    eve_api_wallet.api_client.configuration.access_token = get_access_token_for_user(
        CHARACTER_ID)

    return eve_api_wallet

N.b.: i don’t really understand what is reported in the example here: https://developers.eveonline.com/blog/article/sso-to-authenticated-calls. To me, the way Configuration object is used is wrong, or maybe is it a singleton ? Anyway, i can’t test this now, and report the code i am using.

The call is done by making this:


    eve_api_wallet = generate_eve_wallet_api_client()

    response = eve_api_wallet.get_characters_character_id_standings(
        CHARACTER_ID
    )

I keep on having 403; i also tried not to pass the token to the api client but using the query string parameter token, passing the token, but this still fails.

Apparently, the access_token is the problem, since i have the same authentication failure if i use the esi swagger UI: https://esi.evetech.net/

I am doing something wrong, but can’t understand what … :confused:

P.s.: i am also verifying the JWT received, so everything looks ok …


(Vex Munda) #2

Did you set the access_token in the Configuration? Does you http-header ( Authorization ) send out the correct access_token?

By the way what exactly are you making and with what tech? Got a GitHub repo?


(Black Madness) #3

Hi Vex. I have a tool for industry/management (prolly alliance management as well) that is made by multiple microservices. I am using python, elixir, rabbitmq, kafka, nodejs etc.

All the microservices expose api defined with Openapi specs, so it was pretty natural to generate eveclient code as well; the main problem was about the complexity of debugging the exact same things that you are suggesting me (i was basically debugging the target code up to urllib3 execution, and everything was in place).

What i was doing, since it is an early stage development, i was asking for an access token granting all the scopes, and i know it’s definitely not a good practice, to say the least. As soon as i was changing this coherently asking the scopes i really needed, things started to work.

Now, to be honest, i think that there could be a glitch all along the path: caching, encoding, etc, since the token was really huge.

Information now is nicely flowing in rabbit queues :slight_smile:
Thanks for interest !