esi / esi-docs Goto Github PK

Currently https://docs.esi.evetech.net/docs/sso/revoking_refresh_tokens.html states:

Note: it is currently a bug that basic authentication can only be used with the revocation endpoint. In the future, the EVE SSO will allow you use an access token instead for mobile/desktop applications.

Is there an ETA for this?

I use this link to authorize.
https://login.eveonline.com/oauth/token
Many characters have been authorized, and is there any way to convert them directly to the authorization generated by such links?
https://login.eveonline.com/v2/oauth/token
Or in future plans, all characters will be reauthorized again?

I have tried to use EVE SDE Database Builder, but when I select all item to import,the program crashed. And how do I import Chinese data?

I do have eTag support in ESI.NET added in if you want to update your third-party list.

What is max length of ESI JWT token?

Basically, the usage of <URL safe Base64(SHA256(URL safe Base64(random 32 byte string)))> and <URL safe Base64(32 byte string) generated in step 3> in the OAuth 2.0 for Mobile or Desktop Applications article is somewhat cumbersome and potentially misleading.

The python example is significantly clearer:

1. The basis for the PCKE protocol is a particulalry encoded secret string random:

    random = base64.urlsafe_b64encode(secrets.token_bytes(32))

2. From this string, the challenge string code_challenge is created in several steps:

    m = hashlib.sha256()
    m.update(random)
    d = m.digest()
    code_challenge = base64.urlsafe_b64encode(d).decode().replace("=", "")

3. While the challenge string is used at the initial authorization step to receive an authorization code, the secret string is later used in combination with the authorization code at the token request step: The basic idea is to not give away your secret string for identification, before you've made sure that you are in fact communicating with an authorized server.

My suggestion would be to define both the secret string and the challenge string once in the text and then use the synonyms for the code examples:

• random_string: <URL safe Base64(32 byte string)>
• challenge_string: <URL safe Base64(SHA256(random_string))>

Hope this helps! 🙂

The SSO docs for using the revocation endpoint (https://github.com/esi/esi-docs/blob/master/docs/sso/revoking_refresh_tokens.md) still suggest the use of JSON request bodies. This is not according to spec, and is unsupported behavior.

The docs page and the associated code example should be updated to use form encoded request bodies, similar to how it was done in 290bb2a.

I have a couple of smaller suggestions:
Add link the the swagger ui and the changelog to the “Important Online Resources” paragraph in the readme.
Also update description of #esi to include that the ccp devs are there and it’s a good place to check the health of esi and keep up with the community (I feel like getting people on #esi should be our number one priority).

I’m open to doing these changes myself (if the suggestions is accepted), but, fair warning: English is not my first language and I’m not exactly good with words.

• Add link to https://github.com/esi/eve-glue (maybe to #using-esi-data?)
• Add link to https://esi.evetech.net/ in the readme (There is already a link in esi_introduction.md maybe that is enough?)

I would do it myself, but, it end up being CarbonAlabel who did all the work the last time...

If you follow https://docs.esi.evetech.net/changelog you will be greeted by a 404 page.

The SDE Introduction page is horribly out of date: it claims that the SDE still contains data in formats other than YAML, and contains links to a bunch of non-existent pages.

It could use being updated to better describe the current SDE, or at the very least pruned of the dead links.

The Useful Formulae page should be updated to actually render the formulae.

One approach is to use a third-party service which renders them as images, such as @lukasni did in https://github.com/esi/esi-issues/blob/2c4462ed3aa68db8ab3c6d587756ee8eb4145f60/docs/useful_formulae.md.

Another is including a JS library which will render them, such as MathJax or KaTeX., You can find one of my attempts at this on https://carbonalabel.github.io/esi-docs/docs/useful_formulae.html and https://github.com/CarbonAlabel/esi-docs/blob/master/docs/useful_formulae.md.

If there's some third alternative, I'd love to hear about it.

The corresponding pages from the old docs can be used as a reference for what the rendered formulae are supposed to look like: https://eveonline-third-party-documentation.readthedocs.io/en/latest/formulas/

The closest thing we have to an official list of ID ranges is currently the following gist: https://gist.github.com/a-tal/5ff5199fdbeb745b77cb633b7f4400bb

As it is owned by an ex-CCP developer who has been inactive for a while, it would be better and far more maintainable to have the list included in these docs.

The final instruction in https://github.com/esi/esi-docs/blob/master/docs/sso/revoking_refresh_tokens.md says:

3. If the revocation was successful you will get an HTTP response code of 200 back from the EVE SSO.

As described in https://tools.ietf.org/html/rfc7009#section-2.2, a 200 response code from the revocation endpoint is not confirmation that the token was revoked, and will be returned even if an invalid token was sent to the endpoint.

The docs should be updated to make this clearer.

the script editor is giving an error of "Missing ) after formal parameters. (line 11, file "location")"
on each script i use

please pardon my noobness i did google the problem but couldn't figure it out