[beta] SDK 2.0 with Namespaces and OAuth2 support!

Trackmania Forever public API and its open source PHP SDK.

Moderator: NADEO

User avatar
gouxim
Nadeo
Nadeo
Posts: 1154
Joined: 14 Jun 2010, 17:20

Re: [beta] SDK 2.0 with Namespaces and OAuth2 support!

Post by gouxim » 25 Jul 2011, 18:19

m4rcel wrote:So there seems to be an htmlspecialchars() too much somewhere ^^
It's indeed an encoding error. But there's not a single htmlspecialchars(). In the following file, on line 252, we create a POST body with the mime-type "application/x-www-form-urlencoded" (just like a URL query string) by using the http_build_query() function:

http://code.google.com/p/trackmania-ws- ... nt.php#252

Maybe you can try to add " var_dump($params);exit; " just after that (just before the // FIXME). In the output, are the "&" encoded as "&" or are they still "&" ?

You can also try to replace

Code: Select all

http_build_query(array(.......));
with

Code: Select all

http_build_query(array(.....), '', '&');
and see what happens.




The default value of the PHP directive "arg_separator.output" is "&" ; Maybe on your system it's "&", that would explain this behaviour.
Please do not PM for support. Instead, create a thread so that everyone can contribute or benefit from the answer! 8-)

User avatar
m4rcel
Posts: 653
Joined: 15 Jun 2010, 11:12
Contact:

Re: [beta] SDK 2.0 with Namespaces and OAuth2 support!

Post by m4rcel » 25 Jul 2011, 18:54

Thank you for this information, there was indeed an "&" as arg_separator within the php.ini, not as arg_separator.input but as arg_separator.output. After I changed it to "&", and now I was able to get the private data :)

Nevertheless, I tried your suggestions (with the "&" in the php.ini). Printing the $params at the named place shows, that the "&" are already escaped to "&". Modifying the one line fixes the problem, even with the "&" in the php.ini.

I hope this information are helpful ;)
ImageImage
Image

User avatar
gouxim
Nadeo
Nadeo
Posts: 1154
Joined: 14 Jun 2010, 17:20

Re: [beta] SDK 2.0 with Namespaces and OAuth2 support!

Post by gouxim » 25 Jul 2011, 21:51

Indeed, I will update the SDK tomorow to force the usage of "&" as a separator whatver the value in the php.ini is.

Edit: I updated the code on the SVN (http://code.google.com/p/trackmania-ws- ... etail?r=26), but I won't make a release just for this.
Please do not PM for support. Instead, create a thread so that everyone can contribute or benefit from the answer! 8-)

User avatar
m4rcel
Posts: 653
Joined: 15 Jun 2010, 11:12
Contact:

Re: [beta] SDK 2.0 with Namespaces and OAuth2 support!

Post by m4rcel » 27 Jul 2011, 10:05

So now I have a question of basic understanding, in how this OAuth works:

What I already implemented is a little script, with the Login-Link. Clicking on this will redirect the user to the Playerpage, let him login, and re-redirect him back to my script, giving a "code" and a "state" parameter. Right within this call of the script, I am able to request the Buddies, Online state etc. of this user.

But... How am I supposed to request these data in the future?
Let's say, I want to re-request the Online state of the user after 15 minutes to keep it up-to-date. How to do so, without having the user to login (as he already granted access to his account)?
ImageImage
Image

User avatar
gouxim
Nadeo
Nadeo
Posts: 1154
Joined: 14 Jun 2010, 17:20

Re: [beta] SDK 2.0 with Namespaces and OAuth2 support!

Post by gouxim » 27 Jul 2011, 14:10

Here's how it works:
  • You login with the player page
  • You allow the application
  • You are redirected to the Website with the "code" (Authorization Code in the OAuth2.0 spec) in the URL (the state parameter is optional, it's a protection against CSRF attacks)
  • The SDK sees the Authorization Code and make a POST request on the TMWS to exchange this Authorization Code for an Access Token. In this request is included the API Username & password, so we are sure that it's the right application. The response of this request is an Access Token.
  • The access token is saved in the session, so you can use the SDK to make calls later in that session.
  • The access token lifetime is 3600 seconds. When it expires, you need to redirect the user to the Login URL in order to get a new access token.
Later, we may implement the Refresh Token: when you receive the Access Token, you can also receive a Refresh Token: it has a long lifetime and you can use it to get a new Access Token for that user, without having to redirect the user to the Login URL.

So for now you can make request on behalf of a user (ie. with an Access Token) only during the lifetime of the access token. When Refresh Tokens are available, you will also be able to make requests when the user is not logged in. I really don't have a release date for that feature, nor I am sure that we will actually implement it in TMF (there's way too much work to do at the moment with the release of TM2... :) )
Please do not PM for support. Instead, create a thread so that everyone can contribute or benefit from the answer! 8-)

User avatar
m4rcel
Posts: 653
Joined: 15 Jun 2010, 11:12
Contact:

Re: [beta] SDK 2.0 with Namespaces and OAuth2 support!

Post by m4rcel » 27 Jul 2011, 16:47

Thank you very much, this was exactly what I wanted to know :)
ImageImage
Image

User avatar
steppie
Translator
Translator
Posts: 103
Joined: 25 Apr 2011, 21:55
Location: Denmark
Contact:

Re: [beta] SDK 2.0 with Namespaces and OAuth2 support!

Post by steppie » 28 Jul 2011, 16:48

So I had a look at it too, interesting stuff :) and some questions now.

1. Can you access both Email, Buddies etc. in the same sessions, and if how?
2. When I call logout I'm not redirected back to my site, how come?
3. How to re-request with the given access Token?
Image
.Image
.Image

User avatar
gouxim
Nadeo
Nadeo
Posts: 1154
Joined: 14 Jun 2010, 17:20

Re: [beta] SDK 2.0 with Namespaces and OAuth2 support!

Post by gouxim » 28 Jul 2011, 18:24

steppie wrote:1. Can you access both Email, Buddies etc. in the same sessions, and if how?
You can specify several elements in the scope, separated by a coma. And "basic" is already included to you can do "buddies email" for instance.
steppie wrote:2. When I call logout I'm not redirected back to my site, how come?
It lacks a redirection when you logout out of the player page. Should be fixed soon.
steppie wrote:3. How to re-request with the given access Token?
The access token is stored in the session ; whenever TrackMania\WebServices\OAuth2\Client::executeOAuth2Request() is called, it includes the access token in the request. So basically once the player is logged in, you can execute methods from the TrackMania\WebServices\OAuth2\Player class without worrying about access tokens.
Please do not PM for support. Instead, create a thread so that everyone can contribute or benefit from the answer! 8-)

User avatar
w1lla
Posts: 2359
Joined: 15 Jun 2010, 11:09
Location: Netherlands
Contact:

Re: [beta] SDK 2.0 with Namespaces and OAuth2 support!

Post by w1lla » 29 Jul 2011, 09:45

nice release... especially oauth2... Anyway love this work...

Could the rate limiting be properly made as now it shows us serveral dates in between each other.
TM² Info
SM Info
QM Info

OS: Windows 10 x64 Professional
MB: MSI 970A-G46
Processor: AMD FX-6300 3500 mHz
RAM Memory: 16 GB DDR3
Video: SAPPHIRE DUAL-X R9 280X 3GB GDDR5
KB: Logitech G510s
Mouse: Logitech G300s
Mode Creation
ManiaScript Docs

User avatar
gouxim
Nadeo
Nadeo
Posts: 1154
Joined: 14 Jun 2010, 17:20

Re: [beta] SDK 2.0 with Namespaces and OAuth2 support!

Post by gouxim » 29 Jul 2011, 10:35

w1lla wrote:Could the rate limiting be properly made as now it shows us serveral dates in between each other.
I'm not sure I understand. Are you talking about the dates at the bottom of the request rate graph?
Please do not PM for support. Instead, create a thread so that everyone can contribute or benefit from the answer! 8-)

Post Reply

Return to “Trackmania Forever Web Services”

Who is online

Users browsing this forum: No registered users and 1 guest