burberius / eve-esi Goto Github PK

javax.ws.rs.ProcessingException: Error refreshing an access token. Response status: 500.
    at org.glassfish.jersey.client.oauth2.AuthCodeGrantImpl.refreshAccessToken(AuthCodeGrantImpl.java:355)
    at net.troja.eve.esi.auth.OAuth.refreshToken(OAuth.java:78)
    at net.troja.eve.esi.auth.OAuth.applyToParams(OAuth.java:35)
    at net.troja.eve.esi.ApiClient.updateParamsForAuth(ApiClient.java:824)
    at net.troja.eve.esi.ApiClient.invokeAPI(ApiClient.java:706)
    at net.troja.eve.esi.api.SsoApi.getCharacterInfo(SsoApi.java:54)

SsoApi.getCharacterInfo() throws an exception that is not an ApiException. That is not expected behavior.

It looks like I'm having a little bit of trouble getting everything started. This is what I've done so far:

• everything listed in the setup section of the read me file
• imported the pom.xml file into IntelliJ
• changed the SSO_CLIENT_ID in the GeneralAPITest.java class to the one I generated from the eve developer's website
• changed String state in the main method of the SSOAuthTest.Java class to the secret I generated from the eve developer's website
• ran that main method

The program exit's immediately and says, "ClientId missing"

Can anyone tell me what I'm doing wrong?

Thanks

As per burberius suggestion on discord

When you have a lot of requests (like millions) it will check for every request if it is outdated
better would be do schedule some task that refreshes the token at the right time

Excuse me, I have a question. After the user is authorized to log in, when using the API, it needs to be based on the user's characterID, but I don't know how to use this library to query it.Looking forward to your answer, thank you

OAuth class is not thread safe.

Hi, the synchronized block here is causing problems for me, I wondered if anyone could explain the history of it? I suspect what's happening is the auth token request is not responding at

Given that ACCESS_TOKEN_CACHE is a ConcurrentHashMap, could we not remove the synchronized block?

Or perhaps set a timeout on the HttpURLConnection?

Hi,

I'm building an application that fetches market orders from both Jita and a Keepstar in nullsec. I have a few questions about how best to do this and to make comparisons between the orders returned:

1. The best method I have found to retrieve the orders from the Keepstar is to use the getMarketsStructuresStructureId() set of methods. Is this the best method to use?
2. The best method I have found to retrieve market orders from a station (like Jita 4-4) is to use the getMarketsRegionIdOrders() set of methods, since I can't find an equivalent method to #1 above for a station. This returns all orders in The Forge. Is there a better methodology that doesn't use as much server processing time and require an additional pruning step in the client application?
3. When comparing the responses from these two above, one is a MarketStructuresResponse and the second is the MarketOrderResponse. They seem to be functionally equivalent, but I'm having difficulty writing code that doesn't replicate methods (getting some Erasure error when trying to overload methods). Can these two response types be the same, or do you know how to programmatically compare them easily?

The library is working well for me, I'm just in the process of refactoring the code before I add some new features. Thanks!

Using the ALL scope in the SSO example won't work with all browser, due to the URL being too long.
Update the example to use only a few scopes.

Implement the SSO verify endpoint to get the character information.

http://eveonline-third-party-documentation.readthedocs.io/en/latest/sso/obtaincharacterid.html

Currently the api does not support pagination in a usefull way. The MarketApi.getMarketsRegionIdOrders does take a page parameter, but there is no way to determine from the result how many pages there are. The result is just a List<MarketOrderResponse> but there is no way to get the "X-Pages" header to understand how many pages there are.

Either include the pagination logic in the API or make the header available in the response. The first solution would be preferred of course.

Build releases on Jenkins, sign and deploy them to Maven Central.

for example
https://esi.evetech.net/ui/#/Assets/get_characters_character_id_assets
has a header X-Pages which contains the count of asset pages. How can I access the headers to get this information?

Sorry, I'm not very familiar with these webstructures.

There are 3 scopes in SsoScopes.java that do not exist anymore:

• esi-mail.organize_mail.v1
• esi-mail.read_mail.v1
• esi-mail.send_mail.v1

Change the SSO documentation links from github to readthedocs

readthedocs is currently not up-to-date, once it's updated the links should be changed

readthedocs:
https://eveonline-third-party-documentation.readthedocs.io/en/latest/sso/index.html
source:
https://github.com/burberius/eve-esi/blob/master/src/main/java/net/troja/eve/esi/auth/JWT.java#L13
https://github.com/burberius/eve-esi/blob/master/src/main/java/net/troja/eve/esi/auth/OAuth.java#L89

Currently having problem with generating code on windows with the codegen version 2.4.x and 3.0.x
None of the model classes are created. 2.3.1 works without problems.

I have the situation that I am fetching an accessToken and a refreshToken through EveSSO. The point is that I have to persist the refreshToken (I am taking care of encryption at rest), because the authentication provided should be retained over multiple executions of the application.
As adviced on the main README.md, I was bootstrapping the ApiClient with

new ApiClientBuilder().refreshToken(refreshToken).clientID(clientid).build();

However, when performing the next call for which ESI requires authentication, I get back an unauthorized.
A little debugging showed me that only an instance of OAuth

and not an instance of RetryingOAuth is created. Apparently, this leads to the effect that the Authorization header is filled with a Bearer null value.
I also tried to manually configure the ApiClient instance manually, making sure that a constructor is being called which creates an Authentication of type RetryingOAuth. However, also there, no avail: I could not get it running. There, the Authorization header isn't filled at all - and a break point in method retryingIntercept of RetryingOAuth is never hit.

What am I doing wrong?

When trying to create a new refresh token containing multiple scopes this fails with "unknown scope". The problem seems to be that the seperating space added in OAuth.getScopesString() is encoded to a '+' in glassfish. I would suggest to just use"%20" instead of ' ' as seperator in OAuth.getScopesString().

I am trying to read a character´s assets and add the names of the found location ids.
Reading the assets works fine. But when I feed the location ids into postCharactersCharacterIdAssetsNames I always get an internal server error (http 500).

Here is the code snippet that calls the method throwing the exception:

       List<CharacterAssetsNamesResponse> response = new ArrayList<CharacterAssetsNamesResponse>();
        boolean retry = true; 
        int tryCount = 0; 
        while (retry && tryCount <= EsiUtilityAssets.TRY_LIMIT) {
			try {
				tryCount++; 
				response = assetApi.postCharactersCharacterIdAssetsNames(characterId, ids, DATASOURCE, refreshToken); 
		        retry = false; 
			} catch (ApiException e1) {
				e1.printStackTrace();
			}
        }

The assetApi is functional, because immediately before I can read the assets through the same api object using getCharactersCharacterIdAssets. Therefore also the characterId and the refreshToken must be correct.
The ids are extracted from the result of the call to getCharactersCharacterIdAssets. :

                List<Long> assetLocations = new ArrayList<Long>();
		for (CharacterAssetsResponse r : assetList) {
			if (!assetLocations.contains(r.getLocationId()) && r.getLocationTypeString().equals("item")) {
				assetLocations.add(r.getLocationId()); 
			}
		}

Are there any restrictions on the id´s that may be used here which I am overlooking?

https://esi.evetech.net/v4/characters/123456789/?datasource=tranquility

The ESI API in the meantime only specifies

x-alternate-versions | ["dev","legacy","v5"]

/v4 in the meantime only returns HTTP status code 404.

A proper response is returned if the URL

https://esi.evetech.net/v5/characters/123456789/?datasource=tranquility

is queried instead.

Note that in the header, the API generator states that version 1.8.2 was used:

That is indeed the most recent version. However, we still query the old v4 endpoint...

Currently the scopes are used in three ways: String[], Set, and just a String
That should be unified to only one, preferable Set so checking the supported ones as expected by #13 is easy.

HeaderUtil.getExpires(...) does not work anymore, because of the new date format

New date format is:
dd MMM yyyy kk:mm:ss zzz
Old date format was:
EEE, dd MMM yyyy kk:mm:ss zzz

Why is my error limit remain at 0 when I only do a single request?

Jul 03, 2019 6:18:21 PM okhttp3.internal.platform.Platform log
INFORMATION: --> GET https://esi.evetech.net/verify/?datasource=tranquility
Jul 03, 2019 6:18:21 PM okhttp3.internal.platform.Platform log
INFORMATION: Authorization: Bearer eyJhbGci.....
Jul 03, 2019 6:18:21 PM okhttp3.internal.platform.Platform log
INFORMATION: Accept: application/json
Jul 03, 2019 6:18:21 PM okhttp3.internal.platform.Platform log
INFORMATION: User-Agent: eve-esi/slack:@GoldenGnu
Jul 03, 2019 6:18:21 PM okhttp3.internal.platform.Platform log
INFORMATION: --> END GET
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: <-- 420 status code 420 https://esi.evetech.net/verify/?datasource=tranquility (360ms)
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Date: Wed, 03 Jul 2019 16:18:22 GMT
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Content-Type: application/json; charset=utf-8
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Content-Length: 429
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Connection: keep-alive
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Access-Control-Allow-Credentials: true
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Access-Control-Allow-Headers: Content-Type,Authorization,If-None-Match,X-User-Agent
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Access-Control-Allow-Methods: OPTIONS,GET,HEAD,OPTIONS
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Access-Control-Allow-Origin: *
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Access-Control-Expose-Headers: Content-Type,Warning,ETag,X-Pages,X-ESI-Error-Limit-Remain,X-ESI-Error-Limit-Reset
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Access-Control-Max-Age: 600
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Allow: OPTIONS,GET,HEAD,OPTIONS
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Content-Language: en-us
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Strict-Transport-Security: max-age=31536000
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: Vary: Accept-Language
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: X-Esi-Error-Limit-Remain: 0
Jul 03, 2019 6:18:22 PM okhttp3.internal.platform.Platform log
INFORMATION: X-Esi-Error-Limit-Reset: 38

The issue I'm having is that OAuth itself isn't serializeable, and therefore I can't stash it in my session store (the callback may be served on another app instance, so I can't just keep it in memory).

If there were a getter/setter for the codeVerifier, I could simply stash the string in my session and recreate an identical OAuth in the callback handler.

I can work on a PR for this if you'd like, or if there is a design issue I'm missing please let me know.

It’s now possible to revoke access and refresh tokens.
We should add support for that.

• https://eveonline-third-party-documentation.readthedocs.io/en/latest/sso/tokenrevocation.html
• ccpgames/sso-issues#7

EVE Online's servers in China, Serenity servers operated by NetEase, are now also open to ESI, so this middleware can also be used for third-party application development of EVE China servers.
In your application, hard-coded the interface address of ESI in the code, which is no longer a proper way to write it.
Perhaps you can try to configure this address as an enumeration, using a switch variable to specify which value to use.

Serenity's ESI address is https://esi.evepc.163.com/

Hello all.

I've been trying to use the code provided in SsoAuthTest#main to get tokens from the SSO page.

So far I have setup so that my browser opens the EVE SSO page and I can authorize a characer. When I authorize i get taken to a localhost page. Is this correct functionality? How do I verify that in Java that the SSO worked and I have received a refresh token?

Someone posted this repo on #esi
It, may be something we can use for offline tests:
https://github.com/antihax/mock-esi

It would be desirable if api call template generation would include handling of "Bad Gateway" (-> retry) and "Not Found" (-> ApiException sub type) such that I don't have to write that boiler plate code for every api call I use myself. Maybe allow the user to install a hook into the api client to evaluate and respond to API responses on a general level.

Also, language and datasource parameters could be set once at the client level, instead of adding those parameters to each single call.

declares a variable called tokenUrl and initializes it with the empty string.
The next if condition uses this variable by

Here "".equals(tokenUrl) evaluates to true.
Then, !"".equals(tokenUrl) is always false.

An ever-false value which is ANDed with anything else will always result in false.
Hence, the code in the if block is dead code (and can never be reached).

It seems that if you use a custom okHttpClient in the ApiClientBuilder, that it won't get the async interceptor added and therefore won't work for async calls.

There is an NPE if there is no scp key in the JWT, which can happen if you are using SSO simply to authorize and not request any scopes:

            JsonElement element = jsonObject.get("scp");
            if (element.isJsonArray()) {

For the past week or so I have been getting Bad Gateway errors. As far as I know, nothing in my code has changed. I updated to the latest version of the library from GitHub, but no change. My application gets to near the end of its code before receiving this error. Any ideas?

MainTest.main> Getting all sell orders in Jita 4-4...189331 orders
MainTest.main> Pruning Jita orders...153527 orders
MainTest.main> Retrieving market statistics for Delve...50 100 150 200 250 300 350 400 450 500 550 600 650 700 750 800 850 900 950 1000 MainTest.main> Exception: net.troja.eve.esi.ApiException: Bad Gateway
net.troja.eve.esi.ApiException: Bad Gateway
at net.troja.eve.esi.ApiClient.handleResponse(ApiClient.java:1091)
at net.troja.eve.esi.ApiClient.execute(ApiClient.java:995)
at net.troja.eve.esi.api.MarketApi.getMarketsRegionIdHistoryWithHttpInfo(MarketApi.java:1352)
at net.troja.eve.esi.api.MarketApi.getMarketsRegionIdHistory(MarketApi.java:1321)
at MainTest.main(MainTest.java:200)

All methods except getters could be hard to test!

We need to do online tests for corporations too.

Depends on #14

I tried to run SsoAuthTest, but ran into an issue pretty fast. The esi auth page returns
{"error":"invalid_request","error_description":"Some parameters are either missing or invalid"}
after I logged in with my eve account.

Console output:

Authorization URL: https://login.eveonline.com/oauth/authorize?scope=esi-characters.write_contacts.v1+esi-skills.read_skills.v1+esi-characters.read_fatigue.v1+esi-corporations.read_divisions.v1+esi-corporations.read_corporation_membership.v1+esi-bookmarks.read_character_bookmarks.v1+esi-assets.read_corporation_assets.v1+esi-fittings.read_fittings.v1+esi-contracts.read_corporation_contracts.v1+esi-fleets.write_fleet.v1+esi-ui.write_waypoint.v1+esi-industry.read_character_jobs.v1+esi-bookmarks.read_corporation_bookmarks.v1+esi-clones.read_clones.v1+esi-industry.read_character_mining.v1+esi-calendar.respond_calendar_events.v1+esi-characters.read_agents_research.v1+esi-location.read_online.v1+esi-mail.read_mail.v1+esi-characterstats.read.v1+esi-search.search_structures.v1+esi-corporations.read_contacts.v1+esi-corporations.read_container_logs.v1+esi-characters.read_contacts.v1+esi-fittings.write_fittings.v1+esi-markets.structure_markets.v1+esi-wallet.read_corporation_wallets.v1+esi-characters.read_corporation_roles.v1+esi-wallet.read_character_wallet.v1+esi-assets.read_assets.v1+esi-killmails.read_killmails.v1+esi-characters.read_medals.v1+esi-location.read_ship_type.v1+esi-skills.read_skillqueue.v1+esi-contracts.read_character_contracts.v1+esi-mail.send_mail.v1+esi-alliances.read_contacts.v1+esi-location.read_location.v1+esi-ui.open_window.v1+esi-fleets.read_fleet.v1+esi-industry.read_corporation_mining.v1+esi-corporations.read_blueprints.v1+esi-calendar.read_calendar_events.v1+esi-markets.read_character_orders.v1+esi-markets.read_corporation_orders.v1+esi-characters.read_notifications.v1+esi-characters.read_standings.v1+esi-characters.read_opportunities.v1+esi-corporations.read_standings.v1+esi-characters.read_chat_channels.v1+esi-industry.read_corporation_jobs.v1+esi-characters.read_fw_stats.v1+esi-corporations.read_titles.v1+esi-universe.read_structures.v1+esi-corporations.track_members.v1+esi-corporations.read_fw_stats.v1+esi-characters.read_loyalty.v1+esi-mail.organize_mail.v1+esi-corporations.read_structures.v1+esi-corporations.read_outposts.v1+esi-corporations.read_starbases.v1+esi-clones.read_implants.v1+esi-killmails.read_corporation_killmails.v1+esi-corporations.read_medals.v1+esi-planets.manage_planets.v1+esi-characters.read_titles.v1+esi-corporations.read_facilities.v1+esi-characters.read_blueprints.v1+esi-planets.read_customs_offices.v1&response_type=code&state=somesecret&redirect_uri=http%3A%2F%2Flocalhost&client_id=MYCLIENTID
Code from Answer: 

Not sure what I'm doing wrong here. I created an application on developers.eveonline.com and added the client id and secret key to the run parameters.

version is 2.1.5

The official esi documentation states when it comes to updating the auth token via a refresh token:
The Authorization header must be the word "Basic" followed by the base-64 encoded string of {client id}:{client_secret}.

After digging a bit around in the code i saw, that the method net.troja.eve.esi.auth.OAuth#refreshToken does not include the client_secret.

I'm not sore if the missing secret causes the 400 response when calling the update method.

Am I missing something with the usage?

i'm using version 4.1.0

• Update SsoApi
• Fix Tests
• Update templates

https://developers.eveonline.com/blog/article/sso-endpoint-deprecations-2
Dev blog is down, temporary link: https://web.archive.org/web/20211009142752/https://developers.eveonline.com/blog/article/sso-endpoint-deprecations-2

• Ensure refresh token rotation works
  • Untested, but, code have been reviewed and looks correct...
• Add web/site flow (PKCE is no longer acceptable if you can keep the secret safe)
  • #124
• Remove SSO meta endpoints (they’re all going to be removed)
  • #124
• Verify JWT? This will be the only way to get the characterID going forward, so maybe it would be nice to have it verified (even though we always get the JWT from a trusted source)
• Rate limits for failed requests and Retry-After header

Add library to eve awesome:
https://github.com/devfleet/awesome-eve/blob/master/README.md