Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Getting Cocomo UserID on back end [php] auth: possible?

Avatar

Level 4

hey guys

i'm building the front end of a new cocomo app, i have some php guys doing the back end for a system they've already built (let's call it 'squirrel'). now squirrel has got its own login system already so we're planning on doing the php > cocomo api backend login, loosely documented by the attached img (taken from the afcs.pdf doc').

now, on the one hand i've got a complete list of people with unique squirrelIDs from squirrel and on the other when someone comes into a cocomo room/session i've got a cocomo assigned ID.

now when users in the cocomo session post txt chat snippets, i need to listen for the posting event and save that chat snippet into the squirrel back end assigned to the correct squirrel user (only people in the official squirrel list are allowed access to the cocomo chat) meaning what i have to do is crosscheck a cocomo user id against a squirrel user id [in order to find the correct user and save the chat snippet into the squirrel back end tied to the correct squirrel user id]

now i can see of no way of cross checking a cocomo id against a squirrel id from the front end, so i'm assuming that either i'm wrong about that or that the only way to do this is via the back end auth system.

the question then: when we log a user into cocomo using the back end system documented in the attached image, can we get the cocomo user id at that point? or is there another way of doing this, am i missing something?

0 Replies

Avatar

Employee

yes, if you are using external authentication, the AFCS userId is constructed from the information in the token.

it should be in the form of:

     EXT-<accountName>-uniqueID

Where the accountName is your account name, and the uniqueID is the id you pass in the token (presumably your squirrelID)

If you run your application in the debugger you should see those userIds in the traces.

Avatar

Level 4

thanks raff, i'll have a look at that tomorrow

Avatar

Level 4

having just been returned an authToken from my back end guys it looks like this:

exx=LUp98u7LKuyO7uoIuykjhlO8lkuHlkUHoiUYjkhLkhygreyer5dGNVkYTiKUGHkJGFLhYIrtUYrdHGFdGHfdHGrdeyRTtkgjyGJ^yk6gkjyGkjp=

so by your formula of:

EXT-<accountName>-uniqueID

i'm assuming:

EXT = "exx"

accountName = "LUp98u7LKuyO7uoIuykjhlO8lkuHlkUHoiUYjkhLkhygreyer5dGNVkYTiKUGHkJGFLhYIrtUYrdHGFdGHfdHGrdeyRTtkgjyGJ^yk6gkjyGkjp"

uniqueID = ""

leaving me wondering:

.oO{ what does 'EXT' mean anyway? }

.oO{ and why is the uniqueID blank? }

.oO{ or have i just misunderstood? }

.oO{ or is it that my backend guys aren't passing me what they're supposed to be passing me? }

Avatar

Level 10

Authtoken != userID. Once the user logs in with the authToken, he/she is assigned a userID. You'll find that if you supplied your own unique "squirrelIDs" on the backend when building the authToken (it's one of the parameters for creating one, along with displayName and role), then that user will end up with the userID specified, prepended by the extra string bits Raff mentioned (EXT means "external", and we add your account name for some extra namespacing to ensure everyone has unique userIDs).

nigel

Avatar

Employee

Nope!

If you look at the way the authentication token is generated (and ignore the value ) :

authtoken = session.getAuthenticationToken(secret, username, userID, role);

and assume your account is "testaccount" and your userID is 12345

the internal userID used by AFCS is going to be EXT-TESTACCOUNT-12345

(EXT means external 'token', and the exx is supposed to me "external and encoded")

So, when you get a chat message and look at the userID of the sender, you should have something like what I have described, and you can get your squirrelID (or whatever unique ID your backend guys passed in) by parsing the string and getting the last part.

Note that if a user enters a room twice the userID of the second instance will look like <userID>/2 (i.e. EXT-TESTACCOUNT-12345/2) so you may want to cover that case too.

Avatar

Level 4

ok cool, once i manage to get my user logged in ill have a look at this userID stuff

in the meanwhile, im getting a token and a roomURL from my backend guys now and then doing this with it:

var roomURL:String = notification.getBody().toString();
cocomoSession.roomURL = roomURL;
cocomoSession.login();

thats means im NOT setting a userName and password on my AdobeHSAuthenticator before the login attempt. VERY shortly after that i'm getting this error:

AFCS Beta Build # : 0.92
requestInfo http://connectnow.acrobat.com/[OUR_TEST_ACCOUNT]/[OUR_ROOM_NAME]?exx=[OUR_AUTH_KEY]=&mode=xml&x=0.32322668796405196
#THROWING ERROR# bad authentication key
Error: Invalid username or password:Login again
    at com.adobe.rtc.authentication::AbstractAuthenticator/onLoginFailure()[/Users/[MY_USER_NAME]/Documents/Flex Builder 3/CocomoSDK_0.92/src/com/adobe/rtc/authentication/AbstractAuthenticator.as:182]

obviously i've swapped out all the ACTUAL data sent from the back end auth service for things like [OUR_AUTH_KEY] here cos i don't want the whole net seeing my auth key, but hopefully you get the picture. the error suggests i need a userName and password but my understanding of this authToken is that that precisely avoids the need for such things.

do i need to supply a userName and password anyway?

Avatar

Level 4

ok this is plain frustrating now. i'm getting an authToken, passing to to my authenticationKey and calling connectsessioncontain.login(); and it just keep breaking, complaining about a userName and password

i have been deliberately leaving my ACTUAL authkey etc out of my post for security reasons but ours is only a two-day old test account that can be deleted and replaced at any time, so i'm posting the ACTUAL debug error output here in the hope that someone knows why this error is happening:

my trace output:

cocomoSession.roomURL: http://connectnow.acrobat.com/sequoya2/testing123
cocomoSession.authenticator.userName:
cocomoSession.authenticator.password:
cocomoSession.authenticator.authenticationKey: exx=eDpCaW5nbyBCYW5nbzo6c2VxdW95YTI6MTIzOnRlc3RpbmcxMjM6MTAwOjgwNDhlNTlkNzI0NzczYzQzZWYwZWFhYTA0MzkyOGE1ZDIwYThjMGI=
calling cocomoSession.login();...

cocomoSession is my instance of ConnectSessionContainer. this shows that userName and password are NULL, but roomURL is a valid cocomo roomURL and that i have a genuine authenticationKey from the back end.

then, the error that is immediately thrown:


AFCS Beta Build # : 0.92
requestInfo http://connectnow.acrobat.com/sequoya2/testing123?exx=eDpCaW5nbyBCYW5nbzo6c2VxdW95YTI6MTIzOnRlc3Rpbm...
#THROWING ERROR# bad authentication key
Error: Invalid username or password:Login again
    at com.adobe.rtc.authentication::AbstractAuthenticator/onLoginFailure()[/Users/richardwillis/Documents/Flex Builder 3/CocomoSDK_0.92/src/com/adobe/rtc/authentication/AbstractAuthenticator.as:182]

having just followed the vid tutorial at http://flashrealtime.com/tuts/external-authentication-afcs.html i don't seem to be doing anything different, but i must be somehow..........................

Avatar

Level 4

thought id try passing in the username and psw we use to authenticate on the back end:

cocomoSession.roomURL: http://connectnow.acrobat.com/sequoya2/testing123
cocomoSession.authenticator.userName: Bingo Bango
cocomoSession.authenticator.password: 123
cocomoSession.authenticator.authenticationKey: exx=eDpCaW5nbyBCYW5nbzo6c2VxdW95YTI6MTIzOnRlc3RpbmcxMjM6MTAwOjFkODcwZWMzZjY1Y2YzNzA1YWUyMjMxOGY0YThhZGFkN2I4Mjg3MDc=

calling cocomoSession.login();...

but the same result.....


#THROWING ERROR# bad authentication key
Error: Invalid username or password:Login again

two things here are true:

  1. that i'm completely at a loss now; but
  2. that i still need to fix this

Avatar

Level 4

ok, so i broke this down to real basic. i noticed that the authKey i was getting was always identical. not a surprise, the backend php vars were always hard coded like this:

$secret = [OUR_GENERATED_SECRET];

$fullname = "Bingo Bango";
$id = 123;
$role = 100;

return $session->getAuthenticationToken($secret,$fullname,$id,$role);

meaning the authToken was always:

exx=eDpCaW5nbyBCYW5nbzo6c2VxdW95YTI6MTIzOnRlc3RpbmcxMjM6MTAwOmM4NjYwMmZmN2UyYzUyZmVhNWVmN2Q0ZjBiZjNhNjU2MjE1Nzg1NTY=

so, i figured, ok, im just gonna make a REAL simple app, with a coupla hardcoded MXML tags. i made a WindowedApplication thus:

<?xml version="1.0" encoding="utf-8"?>
<mx:WindowedApplication xmlns:mx="http://www.adobe.com/2006/mxml" layout="absolute" xmlns:local="*">
   
    <local:CocomoAuthTestContainer />
   
</mx:WindowedApplication>

and then the 'local:CocomoAuthTestContainer' component, thus:

<?xml version="1.0" encoding="utf-8"?>
<session:ConnectSessionContainer
    xmlns:session="com.adobe.rtc.session.*"
    xmlns:authentication="com.adobe.rtc.authentication.*"
    authenticator="{auth}"
    roomURL="http://connectnow.acrobat.com/sequoya2/testing123"
    >
   
    <authentication:AdobeHSAuthenticator

        id="auth"

        authenticationKey="exx=eDpCaW5nbyBCYW5nbzo6c2VxdW95YTI6MTIzOnRlc3RpbmcxMjM6MTAwOjFkODcwZWMzZjY1Y2YzNzA1YWUyMjMxOGY0YThhZGFkN2I4Mjg3MDc="
        />
   
</session:ConnectSessionContainer>

but again it broke, same way:

[SWF] CocomoAuthTest.swf - 1,228,539 bytes after decompression
AFCS Beta Build # : 0.92
requestInfo http://connectnow.acrobat.com/sequoya2/testing123?exx=eDpCaW5nbyBCYW5nbzo6c2VxdW95YTI6MTIzOnRlc3Rpbm...
#THROWING ERROR# bad authentication key
Error: Invalid username or password:Login again

not a conclusive test, but looking at this (ie: completely removed from the rest of the application) i feel pretty confident that i'm not doing anything wrong, nor that there's something wrong with the room, cos i also tried it thus:

<?xml version="1.0" encoding="utf-8"?>
<session:ConnectSessionContainer
    xmlns:session="com.adobe.rtc.session.*"
    xmlns:authentication="com.adobe.rtc.authentication.*"
    authenticator="{auth}"
    roomURL="http://connectnow.acrobat.com/sequoya2/testing123"
    >
   
    <authentication:AdobeHSAuthenticator id="auth"
        userName="[MY_ADOBE_EMAIL_ADDRESS]"
        password="[MY_ADOBE_PASSWORD]"
        />
       
</session:ConnectSessionContainer>

and it was fine.

im going to try ONE MORE THING before giving it a rest for the day, cos im more or less out of ideas and its just getting depressing now.

Avatar

Employee

Are you sure the secret is exactly the value you get from the DevPortal for your account ?

Unfortunately since the secret is "secret" it's a little hard to figure out what is wrong, but if your room URL is correct (or you send me your account name privately) I can look in our server logs for what it can be wrong.

Avatar

Level 4

hey raff

thanks for replying. i have used the 'send message' page on the forum here to send you the info you need. let me know if it your don't receive it, i'll try again.

Avatar

Level 4

apologies all, my back end guy wasn't passing in the right secret. his bad for my wasted day. he says:

I wasn't passing details around correctly
like a total nob
profuse apologies for my idiocy

sorry for wasting everyone's time. altho he would also like to say that:

a lot more examples would help enormously