Jump to content

You're browsing the 2004-2023 VATSIM Forums archive. All content is preserved in a read-only fashion.
For the latest forum posts, please visit https://forum.vatsim.net.

Need to find something? Use the Google search below.
PLEASE READ - Webmaster Support Forum
This forum will be retired in the near future. Please direct all queries to our dedicated GitHub support page https://github.com/vatsimnetwork/developer-info/discussions 
Here you can find documentation on our services and we are continuing to migrate pertinent information into the Wiki pages https://github.com/vatsimnetwork/developer-info/wiki

Client Demo

Kieran Hardern

By Kieran Hardern,
in SSO

 Share

Recommended Posts

Kieran Hardern

Kieran Hardern

Posted
Posted

As mentioned in the welcome post, I've created some simple demo code to get you started and take most of the h[Mod - Happy Thoughts]le out of this. (Please see the second post in this thread for other demo code, including languages other than PHP)

 

Source code is publicly available here:

View: https://bitbucket.org/KHardern/vatsim-sso-demo/src

(Downloads > Branches > Master if you want to download a copy)

 

This consists of 4 files, which I'll describe below. I'm not going to use this post to explain the OAuth system, merely how these files work. A disclaimer as always, this has been thrown together by me very quickly, I apologise for any typos or silly errors :p

 

OAuth.php

 

This is a slightly modified version of multiple cl[Mod - Happy Thoughts]es available from here: http://oauth.googlecode.com/svn/code/php/. I've cut out most of the rubbish that you don't need for consumer-side and made a few very small edits, though nothing special!

 

This cl[Mod - Happy Thoughts] essentially does all of the formatting, signing and boring part of the OAuth protocol for you. Feel free to use something else if you're familiar, however I'd recommend this one as I know it works!

 

SSO.cl[Mod - Happy Thoughts].php

 

A very simple cl[Mod - Happy Thoughts] that communicates with the OAuth cl[Mod - Happy Thoughts]es and converts them to a more 'vatsim-friendly' way of doing things. The idea behind this is that you can use it and not have to understand the OAuth.php cl[Mod - Happy Thoughts]es, which are a bit heavy to someone new to OAuth.

 

This cl[Mod - Happy Thoughts] uses the cURL extension and posts the data. You can send the parameters in headers (and get) as per the OAuth spec. I'd advise headers or POST - post is nice and easy and I imagined most people who had used cURL had tried posting before, so I figured it was the best bet.

 

config.php

 

A config file for you to fill in your credentials to our OAuth system. Going in order ($sso variable only):

 

  • base - the URL to the base of the server (listed below*)
  • key - your organisation/consumer key (i.e. your site's username).
  • secret - your organisation/consumer key secret (i.e. your site's p[Mod - Happy Thoughts]word).
  • return - the callback URL. Specify as whatever you like, however it MUST correspond to the domain names set in your account. (Note: I will make a post relating to the 'oob' option, which I don't imagine anyone will need yet)
  • method - you are allowed to sign with RSA (make sure you have openssl), or HMAC. I'm personally a fan of RSA keys, but HMAC is easier I suppose. The real version of this code will be over SSL anyway, which adds a bit more protection. I have purposefully turned off plaintext authentication as I think it defeats the purpose of the whole system of signatures
  • cert - put your (openssl) RSA private key in here (remember to upload your public key to the server so that we can decrypt this)

 

*Current base URLs:

Demo: http://sso.hardern.net/server/

Live: https://cert.vatsim.net/sso/

 

 

index.php

 

This is the file that the user views. I've tried to keep it as simple as possible. It's therefore quite messy and not very elegant, however it's there to show you what you have to do. Note the steps to use this system:

 

  1. Instantiate the SSO cl[Mod - Happy Thoughts], providing the config variables (#14)
  2. Request a token (#78)
  3. Send the user to vatsim (#84)
  4. Do a few checks to see if the user has been sent back with reasonable details (#22-40)
  5. Request the user's details (#43)

 

 

Demo

 

You can try a demo of this code by going here:

http://sso.hardern.net/client

 

Users to try can be found in this forum:

http://forums.vatsim.net/viewtopic.php?f=134&t=64909

 

As I mention here, please avoid using the "Remember site" option.

 

 

I hope that's relatively easy to follow from the index.php code. I'd encourage you to simply dump it on your server, put the credentials in to config.php and try it. [Mod - Happy Thoughts]uming it works, go from there. This thread will remain open for clarification/discussion

Link to comment
Share on other sites
  • 2 months later...
Kieran Hardern

Kieran Hardern

Posted
  • Author
Posted

Here is our current collection of code to get you going:

 

PHP

 

The basics:

https://bitbucket.org/KHardern/vatsim-sso-demo/src

Instructions

 

 

Composer package (built off the code above):

https://github.com/KHardern/VatsimSSO

Forum Post

 

 

Python

 

Code: https://bitbucket.org/nharasym/vatsim-sso/

Forum Post

 

 

Ruby

 

Code: https://github.com/Flox06/vatsim_sso

https://github.com/Flox06/sorcery

Forum Post

 

3rd Party software integration

 

OSTicket:

https://github.com/A-Lawrence/VatsimOSTicketAuth

 

Wordpress/BlaatSchaap

https://wordpress.org/plugins/blaatschaap-sso-vatsim/

Forum Post

 

IPBoard

https://github.com/A-Lawrence/VatsimIPBoardAuth

Link to comment
Share on other sites
  • Zach Biesse-Fitton unpinned this topic
Guest
This topic is now closed to further replies.
 Share
Go to topic listing