EVE SSO/ESI verify with Angular/TypeScript

EVE Technology and Research Center Third Party Developers
#1

Hi

I’m trying to load the ClientID in Angular with TypeScript. The whole OAuth2 solution works. I have a token. But as soon as I want to do the verify, for a clientID, nothing works anymore.

My token:

grafik
grafik.png1603×233 49 KB

Bud verify dosn’t work. My code:

    OnGetUser() {
    const headerss = new HttpHeaders();
    headerss = headerss.set('Authorization', 'Bearer ' + this.bearerToken);
    this.http.get('https://esi.tech.ccp.is/verify', {headers: headers}).pipe(first()).subscribe((user: any) => {
        console.log(user);
    }, (error) => {
        console.log(error);
    });
}

The response is always a CORS failure. The error:

grafik
grafik.png1735×311 71.7 KB

What’s my problem?

Gruss
Roland

#2

That would be what you want. You can validate the token locally, as the token is a JWT token. That endpoint would be used server side to validate v1 tokens.

#3

Hi

Thank for the fast response.

For my understanding. The CORS exception result from? Or you mean my characterID is encoded in the token?
I’ve analysed my token with https://jwt.io/. The token is valid but I can’t see my characterID. I search my id in an Android App and test it with get standings. But the same issue.

grafik
grafik.png1717×433 97.4 KB

I’ve only one header and use GET. This is ok?

grafik
grafik.png1726×744 98.5 KB

#4

First of all you are using the old ESI url which doesn’t exist anymore. You should be using https://esi.evetech.net as the base for ESI requests, (only ESI requests, not SSO).

Once you switch to the correct URL you original /verify/ request will work. Just won’t be required as all the same info is in the token.

Your characterID is in the token:

...
"sub": "CHARACTER:EVE:123456789",
...

Where it is the number in the sub property.

1 Like
#5

Many thanks. The CORS problem is solved with this url.
https://esi.evetech.net/latest/characters/${character_id}/standings/
But now … 403… :-/
I meant that was easier.

grafik
grafik.png1741×1195 191 KB

#6

I’ve parse my token in my code. The token is ok.

{
  "scp": [
	"publicData",
	"esi-calendar.respond_calendar_events.v1",
	...
	"esi-corporations.read_outposts.v1",
	"esi-characterstats.read.v1"
  ],
  "jti": "2c091c69-b90b-4388-af8f-728cf9dd58cc",
  "kid": "JWT-Signature-Key",
  "sub": "CHARACTER:EVE:2114826488",
  "azp": "e8c5338545274f5d917cfae15d5aca2e",
  "name": "TheBadSenior Momaki",
  "owner": "RmwBYWpPah1FQTHeAVp2qGZzQDA=",
  "exp": 1547223985,
  "iss": "login.eveonline.com"
}

expdate is also ok.

grafik
grafik.png1343×177 27.6 KB

#7

Make sure you are setting the token to be the whole JWT token. Not just the first part of it like you have in your picture.

#8

I send the whole token.

grafik
grafik.png2965×279 70.1 KB

The token I was send is the access_token property.
grafik
grafik.png2797×729 297 KB

I extract the token and save it as token.
grafik
grafik.png2873×747 300 KB

This token use it in the header as Bearer token.

#9

Confirm that its setting the header correctly. It looks, from the log there, its setting the Authorization header to an array, when it should just be like "Authorization: Bearer TOKEN".

#10

Hi
I have tested a lot more. Without success. The response is always a 403. I use code from my other projects. Therefore, I suspect the error as with my token.
Do you know an Angular project that works? Where to look for it?

#11

I could solve the Problem.

#12

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.