Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.

PHP external authentication

Avatar

Level 1
Hi:



Has anyone successfully implemented a php based external
authentication using cocomo in an AIR application? I am having a
hard time following the documentation provided with the cocomo SDK.




This is what I have in place:



An AIR application which lets users inside using a login and
password which they registered for. The login/registration system
is a PHP5/MySQL5 backend. I saw the examples section for External
Authentication and couldn't what the hills was going on there.



I know this may sound very "noob" but can anyone walk me
through or provide a step-by-step tutorial. I am working on an
awesome AIR application and will soon release it for free once I
get this social media part integrated into it. Please help me out
guys.



Thank you very much in advance.





Praneet
11 Replies

Avatar

Former Community Member


Hi Praneet,



Have you had a chance to read the Cocomo Developer Guide
(doc/pdf/ in the sdk download), section 6.3.3?



The general sequence listed there is :



1) Your server logs into Cocomo

2) Your server requests a session object for a given room

3) with the session object, generate an authentication token
for a given user.

4) Get the auth token to the client in question

5) Have that client log into cocomo w/ an
AdobeHSAuthenticator, with authenticationKey= the token.



How far in have you gotten so far?

hope this helps

nigel

Avatar

Level 1
Hi Nigel:



Thank you very much for replying to my post. Ok, so this is
what I understood from your post and what I am going to do:



1.) send the username to the PHP script using HTTPService

2.) my PHP script will contain the code attached to this post

3.) in my MXML file this is what I have




quote:



private function init():void {

//roomURL = Application.application.parameters["roomURL"];

//authToken =
Application.application.parameters["authToken"];

//cSession.login();

cocomoService.send();

}

private function cocomoResult():void {

Alert.show(cocomoService.lastResult.authkey.toString());

authToken = cocomoService.lastResult.authkey.toString();

auth.authenticationKey = authToken;

cSession.login();

}

]]>

</mx:Script>

<mx:HTTPService id="cocomoService" url="
http://localhost/mycocomo.php"
result="cocomoResult()" method="POST">

<mx:request xmlns="">

<user>some user in my database</user>

<role>100</role>

</mx:request>

</mx:HTTPService>

<rtc:AdobeHSAuthenticator id="auth"/>



<session:ConnectSessionContainer

roomURL="
http://connectnow.acrobat.com/myapp/myroom"

id="cSession"

authenticator="{auth}"

autoLogin="false">





4.) and nothing happens. Although the Alert popup shows me
the reply I got back from my localhost which does seem like an
authToken to me...I can paste the authtoken here if it is ok to..





Thanks in advance.



Praneet

Avatar

Former Community Member


Hi Praneet,



Sure, you can paste your authtoken in (it will only be valid
for one roomURL, which you haven't listed).



Stupid question : you are replacing the roomURL for
ConnectSessionContainer with your roomURL?



Lastly, what trace output are you seeing from FlexBuilder
once you login?



nigel

Avatar

Level 1
Hi Nigel:



haha that is not a stupid question but yes I have replaced
the roomURL in the connectsessioncontainer explicitly to the url of
my room I had created in the developer console. Here's the
authToken Flex receives from my localhost:



exx=eDpwcmFuZWV0bG9rZTo6Z29vZ2xlYWlyOnByYW5lZXRsb2tlOnRlc3Rpbmc

6MTAwOmQ2NGVkMWI5YTZlNGMxY2JlMzViOWU4NjY0YzI4OTM1YWI5MDE2Zjg=



I have not used any trace statements in the mxml file but
when I launch the file, the creationcomplete event does fire up the
init() function and then the Alert box pops up with the auth token
and as you can see from my code I am logging in the
ConnectSessionContainer after the Alert statement and it doesn't do
anything. The page is blank and it has a black background.





Thanks,

Praneet





Avatar

Employee
your token seems ok.



it would really help if you could run in debug mode and send
us the trace.



Did you try to run the PHP example as-is, with your
credentials ? Did it work for you ?



Sorry for my example to be a little "cryptic", but I tried to
do too many things in one file :)



First, the PHP script generates an HTML page with a form, if
you don't pass any parameter and an HTML page with the embedded SWF
if you do pass the parameters.



Second, since I didn't want to use a database to store the
result of am->getSession() I am storing it in the PHP session.
This works in my example where I can start multiple room from the
same browser window, but in real life you want to store the result
of am->getSession either in a shared cache or (temporary) in
your database.



One other thing that I would have done differently, but it
works the way you do it too, is that I think you have your AIR
application query your user repository (the PHP app you describe)
and then query another app (the one you post) to get the session
for that user. My idea was that when you login into your
application knowing that you are going to connect to cocomo, you
also have your server-side app call Cocomo and get the token for
you. But again, the way you do it works too.



Avatar

Employee
Ah! I think I know why your test doesn't work!



You are using the wrong "shared secret". The one in your
example is not the one currently associated to your account (you
can see it by going to "
http://cocomo.acrobat.com"
and logging in).



You need to make sure you use the same value Cocomo is using,
otherwise we cannot validate your token and the authentication
fails.



BTW, since you posted your real login and password, I suggest
you change it now :)



Hope this help!



-- Raffaele

Avatar

Level 1
Alrighty! Raff thanks for pointing out two things. One, my
stupidity of revealing my id and password in the php file (fixed
now) and that my share key was different in php file.



But you know what? I realized that I did generate new keys
and then pasted the new keys in the php file. Somehow my cocomo
account didn't update my profile with the new key. After you
pointed out the mistake in the shared key, I immediately logged
into cocomo.acrobat.com and found that somehow my key reverted back
to an old key I had when I first created the account! I don't know
how that happened but I am very sure that I generated keys twice
and both times I hit the "yes" button when asked if I wanted to
change the key or not.



Thanks Raff and Nigel. Will bombard you guys with more
questions later on!



Thanks,

Praneet



P.S: don't beat yourself up about the examples Raff. I think
you have done an amazing job with them. Although I did figure out
the index.php and the html part you had in there but I guess like
you said maybe in the future release you could a short description
in it for PHP first timers.

Avatar

Level 1
Hey guys:



ok now I have the php scripts working on my localhost so I
transferred them to my web server and these are the errors I got..



Warning: fopen(
http://connectnow.acrobat.com/googleair?mode=xml&accountonly=true&)
[function.fopen]: failed to open stream: Unable to find the socket
transport "ssl" - did you forget to enable it when you configured
PHP? in /home/a9897012/public_html/cocomo.php on line 441



Fatal error: Uncaught exception 'CocomoError' with message
'connection-failed' in /home/a9897012/public_html/cocomo.php:443
Stack trace: #0 /home/a9897012/public_html/cocomo.php(339):
Cocomo->http_get('
http://connectn...', Array) #1
/home/a9897012/public_html/cocomo.php(196):
CocomoAccount->do_initialize() #2
/home/a9897012/public_html/mycocomo.php(27):
CocomoAccount->__construct('
http://connectn...') #3 {main}
thrown in /home/a9897012/public_html/cocomo.php on line 443







I believe the warning is due to the fact that my web service
host may not have ssl enabled in the php info but as for the second
error I am not that good at writing exception handling code in
php..so what is your take on this guys?





Thanks,

Praneet

Avatar

Employee
We do require SSL support (and when you access the http URL
we'll redirect you to https).



I am not sure of what you mean by "the second error". I think
what's happening is that the connection fails because it cannot use
https and I throw a CocomoError("connection-failed")



Avatar

Level 1
Hi Raff:



Alright so that was the uncaught exception? the connection
failed because my web server doesn't have ssl enabled. alright I'll
have to see how I can enable ssl on the hosting service.



Also, for now the only way to chat is in a chat room right?
My question is, can two users start a chat session instead of
chatting in a chat room?



Thanks,

Praneet

Avatar

Employee
I am not sure I understand the question.



Assuming you are asking if you have to use the provided chat
pod vs. implementing your own chat room, the chat pod uses the
SimpleChatModel.



You can implement your own UI that uses SimpleChatModel if
you don't like the provided UI.



If you are asking about user to user messaging, you can
either implement your own model, or use the SimpleChatModel with
"private" conversations.



If you look at the chat pod, there is a listbox that lets you
send messages to everybody, only to hosts or to a specific person.
You can look at the implementation to see how to configure the
model for private conversations.