Welcome Beta Testers

[Kieran Hardern]

Welcome to the VATSIM SSO Testing Group. You have been added as the developer of a VATSIM-affiliated website that is interested in providing login functionality using VATSIM credentials. Thank you in advance for your interest and any time you can provide in testing.

 

The SSO system is based of the OAuth 1.0a protocol and which enables logins at VATSIM to be verified on an external server and for you to receive the information regarding that user from VATSIM. For those of you not familiar with OAuth, don't worry. Yes OAuth can be quite complex and painful, however I will take most of that pain for the team :p. I have written and am providing some very simple demo code that you should literally be able to 'drop' onto your server, change config variables and get going.

 

For those of you that are familiar with OAuth, I want to post a few clarifications right now to manage expectations of the current release, as it differs slightly from a 'cl[Mod - Happy Thoughts]ic' OAuth system (for those of you familiar).

 

• At present, this system provides one-time access to VATSIM details, immediately following the member logging in. Access keys that authorise details for longer periods are not currently utilised (and therefore we skip the access key generation in the current system as it's pointless)
  
• You 'get what you are given'. In the case of most of you, this will be everything you could want anyway. However there is no facility to request beyond what you are defined to have access to. The amount each site has access to depends on it's site type (I will briefly explain the access level system later).
  
• We are utilising OAuth 1.0a and not 2.0 for a variety of reasons. Most importantly for security. I wanted to tell you that this is a conscious and calculated decision, not just us living in the past . Many sites out there still utilise 1.0a instead of 2.0

 

What's next?

 

I will be setting up a BETA area tonight for you all to utilise. The integration from this point should (he says sounding semi-confident) not change, however there are a couple more features planned for the user-interface that I may or may not roll out.

 

Further details will be posted separately.

 

Important Disclaimer

 

I am shortly to enter a period of university exams. This comes at the most awkward time, however nothing I can do about that! Therefore I will have availability this week, followed by a period of dramatically reduced availability. I therefore won't be able to get on top of things very quickly and you'll just have to bear with me.

 

 

Thanks for your help!

[Kieran Hardern]

A screenshot as a quick taste:

 

https://dl.dropboxusercontent.com/u/34977164/SSO-demoshot-1.png

[David Zhong]

Well hasn't this organisation had a m[Mod - Happy Thoughts]ive explosion in development in the past 12 months! I'm organising VATPAC's Real Ops Sydney event in July so the booking system for that event will be a great opportunity for this to be tested.

[Kieran Hardern]

So it turns out that there are a few other people that can see this forum from permissions they already have

 

Not a problem, feel free to test and use... perhaps be beta testers for other developer's code (or get some credentials and try the system yourself if you're confident with web development). If you've had contact directly with me or Luca about SSO, you are added specifically for this

[David Zhong]

Hi Keiran,

 

Just to be sure, can you confirm that connecting SSO to CERT is currently out-of-scope of this current testing phase? My project is only temporary (will be online for about one month) so if it's impracticable to use this in a live environment, there's probably little point in me implementing it!

[Luca Benelli]

When would you need to be live with your project?

[David Zhong]

Probably mid-June as the event is at the start of July.

[Kieran Hardern]

I am now (more or less) unavailable until June. I may have 30 mins or so here and there to provide [Mod - Happy Thoughts]istance, but nothing substantial.

 

You can direct anything you need to Luca , I'll pop on to the forum when I can to answer any questions that come up.

 

See you in June!

[Anthony Lawrence]

Kieran, as discussed here: viewtopic.php?p=468398#p468398

 

Please can you investigate returning the "true" ATC rating in the atc_rating for SSO?

 

Thanks,

A!

[Luca Benelli]

The sso scripts don't have access to all the requires information for that.

[Kieran Hardern]

Kieran, as discussed here: viewtopic.php?p=468398#p468398

 

Please can you investigate returning the "true" ATC rating in the atc_rating for SSO?

 

Thanks,

A!

 

At the moment what Luca's tool (idstatusprat) is outputting is based on it searching through other data, the true rating isn't actually stored. Therefore right now (as well as Luca's reason ) it's more efficient for you to simply query it when you need it, rather than us processing it every time when it might not be needed.

 

Something I'll keep in mind though!

[Kieran Hardern]

Just a small note to let you all that I have finished my finals and so am back to good availability for the next week - therefore please use this opportunity to get the communication going

 

Following that week I will be on a course for 3 weeks (9th to 27th) that will take up most of my time Mon-Thurs (inclusive), but I'll have Friday and the weekends available and won't be out of contact.