Jump to content

You're browsing the 2004-2023 VATSIM Forums archive. All content is preserved in a read-only fashion.
For the latest forum posts, please visit https://forum.vatsim.net.

Need to find something? Use the Google search below.
PLEASE READ - Webmaster Support Forum
This forum will be retired in the near future. Please direct all queries to our dedicated GitHub support page https://github.com/vatsimnetwork/developer-info/discussions 
Here you can find documentation on our services and we are continuing to migrate pertinent information into the Wiki pages https://github.com/vatsimnetwork/developer-info/wiki

[Resolved] Use with internal test system


Klaus Basan
 Share

Recommended Posts

Klaus Basan
Posted
Posted

First of all, great that SSO will be eventually supported by VATSIM.

 

I wonder if it is somehow possible to test your SSO system with an internal development system? We at the swift pilot client team use a virtual machine LAMP system to develop our model matching database. From time to time we release to an official server at VATSIM Germany.

 

It'd be of benefit if we could already test SSO during the development phase, before releasing. Is there any chance to register a system which has no external IP/DNS name?

 

Background:

Internal LAM system, host name not visible outside local network, internal IP -> GIT hook ->

VATSIM Germany LAMP system

 

We can only release via a GIT hook. If we cannot test locally, we will spoil the repository by premature code.

 

PS: Feel free to move this thread if you do not like it on top level ....

Link to comment
Share on other sites

Kieran Hardern
Posted
Posted

As long as this is only on the test system (i.e. sso.hardern.net) and doesn't need to utilise the live system (i.e. cert.vatsim.net), I can set up a development option for no IP (next week - no availability right now). The 'released' version would need to be on a server with IPs we could match... I'm [Mod - Happy Thoughts]uming that's the plan from what you've said.

 

For the domain name issue, the way to do that will be to set the callback as "oob" (out of band), which would display the verifier string to the user. You can then copy and paste it into your local "return" URL to simulate a callback. You are supposed to have the token in the callback as well... but I don't think that's a necessary part of the system as long as you locally [Mod - Happy Thoughts]ociate the token with the user. In fact it kind-of encourages bad security practice just being there (I was very tempted to not use it). I can make it output both parameters on dev though if needed.

Link to comment
Share on other sites

Klaus Basan
Posted
Posted

Sounds reasonable, thanks. Your [Mod - Happy Thoughts]umption is correct, the official server will have an external IP and domain name.

Link to comment
Share on other sites

Kieran Hardern
Posted
Posted

OK then. I'm in the middle of exams at the moment, but I'll sort this for you next week.

Link to comment
Share on other sites

  • 2 weeks later...
Kieran Hardern
Posted
Posted

I've built in the ability for the development environment only to allow a wildcard option for IPs making the calls. Anyone who needs this will need me to enable it for their credentials.

Link to comment
Share on other sites

Klaus Basan
Posted
Posted

Thanks, as soon as I have time to test it I will let you know. However, good to know I can use this feature, cheers.

Link to comment
Share on other sites

  • 3 weeks later...
Kieran Hardern
Posted
Posted

To update this for anyone that wants to do this as well, this issue is no longer relevant to the test system. You can now use the test system from any server with a callback to wherever you need, using the demo credentials:

 

http://forums.vatsim.net/viewtopic.php?f=134&t=65319

 

You don't have to request for a wildcard on your credentials. Wildcards are not permitted on the live system.

Link to comment
Share on other sites

 Share