Hello guys.
I have an issue, I don’t understand, what I’m doing wrong. I going to build my own database from the JSON data from ESI. First I tried it with the Google Docs, but a spreadsheet is not complex enough to reach, what I’d like to do. But this isn’t the problem itself. My problem is to get access to the ESI by shell via cURL.
I followed this manual: https://developers.eveonline.com/blog/article/sso-to-authenticated-calls
curl --verbose -XPOST -H "Content-Type:application/json" -H "Authorization:Basic [censored]" -d '{"grant_type":"authorization_code", "code":"[censored]"}' https://login.eveonline.com/oauth/token
I always get a 401 error. I don’t understand, what I am doing wrong, because I do exactly what is written in the manual, of course with my own details about client id & secret key. Is there anything missing in this manual? Or was anything changed meanwhile, but the manual not updated??
I’m a bit desprate and I couldn’t find any dev forum…
Regards
Output from cURL (verbose):
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 87.237.34.203...
* TCP_NODELAY set
* Connected to login.eveonline.com (87.237.34.203) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=IS; L=Reykjavik; O=CCP Hf; CN=*.eveonline.com
* start date: Jan 13 14:17:18 2016 GMT
* expire date: Jan 13 14:47:18 2019 GMT
* subjectAltName: host "login.eveonline.com" matched cert's "*.eveonline.com"
* issuer: C=US; O=Entrust, Inc.; OU=See www.entrust.net/legal-terms; OU=(c) 2012 Entrust, Inc. - for authorized use only; CN=Entrust Certification Authority - L1K
* SSL certificate verify ok.
> POST /oauth/token HTTP/1.1
> Host: login.eveonline.com
> User-Agent: curl/7.58.0
> Accept: */*
> Content-Type:application/json
> Authorization:Basic [censored]
> Content-Length: 62
>
* upload completely sent off: 62 out of 62 bytes
< HTTP/1.1 401 Unauthorized
< Cache-Control: private
< Server: Microsoft-IIS/8.5
< WWW-Authenticate: Basic realm="tranquility.prod",error="invalid_client"
< Request-Context: appId=cid-v1:2ccf88f2-29b9-460a-bc15-7c0b79926f61
< Date: Sat, 07 Apr 2018 15:26:37 GMT
< Connection: close
< Content-Length: 0
<
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):
How are you creating the code you’re sending for the authorization header?
I run this code, but a little intervention is needed at the moment. (Copy to and from browser address bar.)
#!/bin/bash
lsburl="login.eveonline.com" # login server base url
resp_type="code"
red_uri="http://localhost/oauth-callback"
clientId="[censored]"
clientSec="[censored]"
#scopes="esi-universe.read_structures.v1 esi-markets.structure_markets.v1 esi-characters.read_standings.v1"
scopes="esi-characters.read_standings.v1"
echo
echo "Open this link in your browser, authorisize and paste everything after \"http://localhost/oauth-callback?code=\" as authentithication code."
echo "https://${lsburl}/oauth/authorize?response_type=${resp_type}&redirect_uri=${red_uri}&client_id=${clientId}&scope=${scopes}"
echo
resp_type="token"
post_url="https://${lsburl}/oauth/${resp_type}"
app="json"
#app="x-www-form-urlencoded"
auth_basic="$(echo "${clientId}:${clientSec}" | base64 -w 0)"
read -p "One-time authentithication code: " one_time_auth
echo
echo "curl --verbose -XPOST -H \"Content-Type:application/${app}\" -H \"Authorization:Basic ${auth_basic}\" -d '{\"grant_type\":\"authorization_code\", \"code\":\"${one_time_auth}\"}' https://${lsburl}/oauth/${resp_type}"
echo
curl --verbose -XPOST -H "Content-Type:application/${app}" -H "Authorization:Basic ${auth_basic}" -d "{\"grant_type\":\"authorization_code\", \"code\":\"${one_time_auth}\"}" https://${lsburl}/oauth/${resp_type}
huh. That base 64 gives a very slightly different base 64 encoding to doing it in php. It decodes the same, but it’s a bit different. Weird.
It’ll probably not help, but try putting a space before the Basic.
The space made no difference. But the PHP base64 module did!
This works now. The information about the difference between the library handling was essential!
Now my script looks like this and is working as expected:
#!/bin/bash
#set -x
lsburl="login.eveonline.com" # login server base url
resp_type="code"
red_uri="http://localhost/oauth-callback"
clientId="[censored]"
clientSec="[censored]"
#scopes="esi-universe.read_structures.v1 esi-markets.structure_markets.v1 esi-characters.read_standings.v1"
scopes="esi-characters.read_standings.v1"
echo
echo "https://${lsburl}/oauth/authorize?response_type=${resp_type}&redirect_uri=${red_uri}&client_id=${clientId}&scope=${scopes}"
echo
resp_type="token"
post_url="https://${lsburl}/oauth/${resp_type}"
app="json"
#app="x-www-form-urlencoded"
#auth_basic="$(echo "${clientId}:${clientSec}" | base64 -w 0)"
auth_basic="$(php -r "echo base64_encode(\"${clientId}:${clientSec}\");")"
read -p "One-time authentithication code: " one_time_auth
echo
echo "curl --verbose -XPOST -H \"Content-Type:application/${app}\" -H \"Authorization:Basic ${auth_basic}\" -d '{\"grant_type\":\"authorization_code\", \"code\":\"${one_time_auth}\"}' https://${lsburl}/oauth/${resp_type}"
echo
curl --verbose -XPOST -H "Content-Type:application/${app}" -H "Authorization:Basic ${auth_basic}" -d "{\"grant_type\":\"authorization_code\", \"code\":\"${one_time_auth}\"}" https://${lsburl}/oauth/${resp_type}
Thank you so much!!!
ahhhhhhhhhh
doing it with the piped echo is adding a carriage return which is then encoded. Doing it with php isn’t.
if you want to try it with echo and base 64, try echo -n
system
July 7, 2018, 4:29pm
8
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.
)