Jump to content
Zach Biesse-Fitton

VATSIM Connect Discussion

Recommended Posts

Hi webmasters,

If you have questions about the new VATSIM Connect (SSO) system, please post them here.

More information about VATSIM Connect can be found in the following thread: 

https://forums.vatsim.net/topic/26902-new-sso-vatsim-connect-update/

Enjoy!

  • Thanks 1

Zach Biesse-Fitton
Vice President - Web Services
VATSIM Board of Governors

Share this post


Link to post
Share on other sites

Hey,

 

first off all thanks for the great work you are doing.

 

Just one little question about the new Connect system.

In the documentation it lists some development accounts that can be used. But I can't figure out a way to activate a local or demo environment.

Maybe someone has an idea?

Share this post


Link to post
Share on other sites

Hi Sebastian, 

Thanks for bringing this up. The demo accounts are for use within the demo environment which is located at http://auth-dev.vatsim.net 

To get a set of OAuth credentials, login with any of the demo accounts listed in the documentation and click view "VATSIM Connect Demo" then OAuth. When making requests, utilise http://auth-dev.vatsim.net in place of https://auth.vatsim.net. 

If you have any issues let us know.

Cheers

Harrison

  • Like 1
  • Thanks 1

Harrison Scott
VATSIM Web Developer
Director Operations, VATSIM Australia Pacific
[email protected]

 

 

Share this post


Link to post
Share on other sites
Posted (edited)

In the documentation at step 2, I expect the answer from VATSIM after user authorize access is: scopes, token_type, expires_in, access_token, and refresh_token. But, I don't get that in the actual answer, I get anything but scopes.

Both auth-dev.vatsim.net and auth.vatsim.net return the same result.

Is it a bug or it's actually like that?

Edited by Wildan Gunawan

Wildan Gunawan

vACC Director, Indonesia vACC

Share this post


Link to post
Share on other sites

Hi @Wildan Gunawan,

It should definitely should return the scopes. I'll look into the issue this evening and let you know in this thread when the issue has been rectified.

Cheers

Harrison


Harrison Scott
VATSIM Web Developer
Director Operations, VATSIM Australia Pacific
[email protected]

 

 

Share this post


Link to post
Share on other sites

Hi @Wildan Gunawan,

The changes are live within the development environment, let me know if you have any issues. 

I'd expect them to be in production this evening.

Cheers


Harrison Scott
VATSIM Web Developer
Director Operations, VATSIM Australia Pacific
[email protected]

 

 

Share this post


Link to post
Share on other sites

Great, new SSO Platform, thanks a lot for the work!

Would it be possible to add the following information in the return as well?

- Active/Inactive Account
- Suspended Yes/No
- ATC Rating (before I1/I3/SUP/ADM)
- VATSIM-Registration Date
- Subdivision Assignment Date (don't know if available)

- ATC Hours (Total and per rating)
- PILOT Hours (Total)

- Last Online ATC (Date/Time Callsign)
- Last Online PILOT (Date/Time Callsign)

Once again, thanks for the work and for considering.

Best regards
Mike


Kind regards, Mike Welten

Leader Technology Department. vACC Switzerland

Share this post


Link to post
Share on other sites

Similar to @Mike Welten I would be keen to see a little more data in the return. Post above covers it pretty well.

As it stands, I am going to have to fire off an API call as part of the auth flow to gather some of the basic user data (e.g. their rating). We use this to immediately cascade their account into our other services (e.g. Training System, Forum etc) and to be able to tailor their experience to their use case. Visitors see a different homepage to home members for example.


Calum Towers
Web Services Director
BFunKC2.png
Network Supervisor

Share this post


Link to post
Share on other sites
15 hours ago, Calum Towers said:

Similar to @Mike Welten I would be keen to see a little more data in the return. Post above covers it pretty well.

As it stands, I am going to have to fire off an API call as part of the auth flow to gather some of the basic user data (e.g. their rating). We use this to immediately cascade their account into our other services (e.g. Training System, Forum etc) and to be able to tailor their experience to their use case. Visitors see a different homepage to home members for example.

Excuse my slight ignorance, I wasn't requesting all of the scopes we needed! So we now have most of the data we need.
@Mike Welten - You should be able to determine active/inactivate and banned/unbanned should be available under the vatsim dataset of the return (using the vatsim_details scope).

Could still do with the user's reg date if possible!


Calum Towers
Web Services Director
BFunKC2.png
Network Supervisor

Share this post


Link to post
Share on other sites

I don't think so, just checked the return of the User with 10000011 auth-dev, he should be suspended according the documentation.
I can't find any information which was requested above, or do I miss something?


Kind regards, Mike Welten

Leader Technology Department. vACC Switzerland

Share this post


Link to post
Share on other sites

It seems that after redirecting back from VATSIM, if successful, the return URL does not include the state parameter. It only has code. The state parameter is only included if access is denied.

(Reposted from the other forum since it seems this is where questions should be)


spacer.png

Blake Nahin

VATUSA Data Services Manager

https://vatusa.net

Share this post


Link to post
Share on other sites

I've a question if the auth-dev accounts could be configured to have unique e-mails? Many services (that's not made by us, for instance forum software) use e-mail as the unique key to identify users. It becomes a bit tricky to test with when all auth-dev accounts 10000002, 10000003 and so on are the same email and we want to test 🙂


Daniel Lange

Web Services Director
Vatsim Scandinavia

[email protected]

Share this post


Link to post
Share on other sites

Hi Guys,

@Mike Welten We could facilitate Active/Inactive, Reg Date and suspended (Should be their rating, I'll investigate the demo account). For information pertaining to time online etc.. I invite you to take a look at the new VATSIM API here

@Calum Towers Reg date can certainly be added, I'll add it to the list.

@Blake Nahin I'll investigate the issue and get back to you.

@Daniel Lange I'll change the emails on the dev accounts to facilitate using emails as the unique key.

 

Thanks for your feedback on Connect, I'll get back to you all ASAP.

Cheers

Harrison

  • Like 1
  • Thanks 1

Harrison Scott
VATSIM Web Developer
Director Operations, VATSIM Australia Pacific
[email protected]

 

 

Share this post


Link to post
Share on other sites

Not sure if this is just me, but I've tried this across two different services and experience the same. When I try to test giving insufficient data access (where the user ticks off which scopes to share) on auth-dev, it just redirects to auth (production) login and not back to my service. Could it be that auth-dev just have a small misconfig? 🙂 

Pretty much reproduce this by logging in with ticking off any scope.


Daniel Lange

Web Services Director
Vatsim Scandinavia

[email protected]

Share this post


Link to post
Share on other sites

Is there any news on the unique email addresses for the auth-dev accounts? 🙂 Could you perhaps simultaneously make the names unique as well? For instance "Web One", "Web Twelve" or something?

 


Daniel Lange

Web Services Director
Vatsim Scandinavia

[email protected]

Share this post


Link to post
Share on other sites

That doesn’t represent the live system accurately though. All PR accounts have the same email addresses and names, as do many duplicate ones too. Both of these are able to use Connect and log into an application unless the app itself restricts it.

It’s not my choice to modify it or not, but I do think having it like this in the development environment allows people to avoid/fix problems which could arise further down the line in production.


Néstor Pérez
Web & Server Dev Team
## [email protected]
Facebook Twitter Github
VATSIM Logo

Share this post


Link to post
Share on other sites
7 hours ago, Nestor Perez said:

That doesn’t represent the live system accurately though. All PR accounts have the same email addresses and names, as do many duplicate ones too. Both of these are able to use Connect and log into an application unless the app itself restricts it.

It’s not my choice to modify it or not, but I do think having it like this in the development environment allows people to avoid/fix problems which could arise further down the line in production.

Best of two worlds then? Make two of the high-level accounts (e.g. 10000009 & 10000010) have the same e-mail, rest can be unique? Because having all accounts with the same or equal addresses only aren't good test cases. 🙂 We need at least some unique accounts because majority of users on VATSIM are private users which should only have one unique account which indirectly translated to unique address as well.


Daniel Lange

Web Services Director
Vatsim Scandinavia

[email protected]

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now

×
×
  • Create New...