Jump to content

Recommended Posts

Posted

Would it be possible to integrate the VATSIM single sign-on (vatsim connect) with phpVMS?

 

I am building my VA to operate solely on the VATSIM network, and since we already have the capability to store the VATSIM CID and use it to direct members to the stats area. I think it would be great if we can also use it for the actual member account.

Posted (edited)

after some research through multiple forms and talking to some other VA owners on discord (since im interested in this too) looks like youll have to do some extensive work. 

first youll need to navigate to app/Http/Controllers/Auth/LoginController.php
 

and make the necessary changes
 

use VATSIMSSO\VATSIMSSO;
use VATSIMSSO\Auth\Token;
use VATSIMSSO\Auth\User;



then it looks like youll have to navigate (i belive in that same file) and find handleProviderCallback() code

this is where i got told youll have to make a php code below it that verifies the incoming request, gets the Users access token, and details, and logins the user. 

(have no idea without recreating  it what that code will be)

then navigate to routes/web.php

 there add in the vatsim sso callback
 

Route::get('/auth/vatsim/callback', 'App\Http\Controllers\Auth\LoginController@handleProviderCallback');

 

youll also probably will need to modify the config file and a few more but he told me thats a start as he didnt go all the way through becuase he gained the info needed for what his needs were. 

 

i hope this helps you out

 

 

Edited by swaluver480
Posted

I also could see another option would be to create a API that would log you in and then redirect you. That would be a lot easier if you have the necessary information that goes with it. 

Posted (edited)

What will be the benefit of this effort ?

 

Are you willing to automatically create the v7 user with data provided by VATSIM (like name, mail, VATSIM CID etc.) or just willing to use it for login/authentication ?

 

If this will be used for authentication only, what is the difference between using your username and password compared to VATSIM CID and password ?

 

If you are wishing to create the user record, is VATSIM returning all necessary data for you to create a user record when someone signs in within their system ?

 

There can be more questions regarding this, but the main one is at the top :) 

 

Good luck and God speed

Edited by DisposableHero
Posted
3 hours ago, DisposableHero said:

What will be the benefit of this effort ?

 

Are you willing to automatically create the v7 user with data provided by VATSIM (like name, mail, VATSIM CID etc.) or just willing to use it for login/authentication ?

 

If this will be used for authentication only, what is the difference between using your username and password compared to VATSIM CID and password ?

 

If you are wishing to create the user record, is VATSIM returning all necessary data for you to create a user record when someone signs in within their system ?

 

There can be more questions regarding this, but the main one is at the top :) 

 

Good luck and God speed

it sounds to me like how swavirtual.com isl, where you have to be a member of vatsim in order to join but adding in to login in using vatsim SSO as well. 

Posted
6 hours ago, DisposableHero said:

What will be the benefit of this effort ?

 

Are you willing to automatically create the v7 user with data provided by VATSIM (like name, mail, VATSIM CID etc.) or just willing to use it for login/authentication ?

 

If this will be used for authentication only, what is the difference between using your username and password compared to VATSIM CID and password ?

 

If you are wishing to create the user record, is VATSIM returning all necessary data for you to create a user record when someone signs in within their system ?

 

There can be more questions regarding this, but the main one is at the top :) 

 

Good luck and God speed

 

Correct. I want users to be able to register via the vatsim sso with all of their relevant data pulled from vatsim and used to create the user account. This will validate the user is in good standing with the network and provide us with accurate info while allowing the user to use one account for all of it. In turn, if a user gets banned or suspended on the network, that status will reflect with us since they won't be able to use the sso to access their account. A great way to provide automatic checks and balances between our pilot roster and the vatsim network.

Posted

@RedKingOne this can happen only if "vatsim sso" provides you all relevant data needed for user creation, at minimum you will need full name, email and a password for the person. You can auto assign some values to other required fields, also you will need to somehow bypass (disable) or find a way to be sure captcha checks during registration. Still will be tricky and if "vatsim sso" returns minimal data then it will be impossible to create a user directly.

 

In this case, what you can do is a vatsim membership check before reaching your registration form, at least you will be sure that person has an active account on the network during that exact moment.

 

To be honest, I think only benefit of this implementation will be the network status check (banned/suspended/inactive etc.) for administrative purposes.

 

Good luck

Posted (edited)
6 hours ago, DisposableHero said:

@RedKingOne this can happen only if "vatsim sso" provides you all relevant data needed for user creation, at minimum you will need full name, email and a password for the person. You can auto assign some values to other required fields, also you will need to somehow bypass (disable) or find a way to be sure captcha checks during registration. Still will be tricky and if "vatsim sso" returns minimal data then it will be impossible to create a user directly.

 

In this case, what you can do is a vatsim membership check before reaching your registration form, at least you will be sure that person has an active account on the network during that exact moment.

 

To be honest, I think only benefit of this implementation will be the network status check (banned/suspended/inactive etc.) for administrative purposes.

 

Good luck

 

If I want to know anything about anyone on VATSIM I can look up the CID in the stats page or I can look up the CID via the direct feed.

For example, if I look myself up I would go to https://api.vatsim.net/api/ratings/1289149/ and I would get back

id: "1289149"

rating: 10

pilotrating: 0

militaryrating: 0

susp_date: null

reg_date: "2014-04-22T20:09:18"

region: "AMAS"

division: "CAR"

subdivision: "SDO"

lastratingchange: "2021-04-06T23:12:47"

 

In reality, VATSIM also stores more data that can be pulled and validated via the API. It also includes:

VATSIM Registered Email
VATSIM Registered First Name
VATSIM Registered Last Name
VATSIM Registered Country Code
VATSIM Registered Country Name

 

With the exception of Hub selection, The pilot would not need to add anything. All the relevant data would be pulled through the API.
 

 

Edited by RedKingOne
spelling
Posted

The following is a section of the code used on a custom WordPress plugin to create a user account.

Although I can read the file and make slight modifications to it; I have no clue how to apply the principles used here to phpVMS.

 

Quote

<?php

 

//=========================================//

    // VATSIM CONNECT FUNCTIONS

    //=========================================//

 

    function vatsimConnect(){

 

        //require_once("vatsim_connect_functions.php");

        require_once("vendor/autoload.php");

 

        // Required for VATSIM Connect

        $clientID                   = get_option('vatsim_connect_client_id');           // VATSIM Connect Client ID

        $clientSecret               = get_option('vatsim_connect_client_secret');       // VATSIM Connect Client Secret

        $scopes                     = get_option('vatsim_connect_scopes');              // VATSIM Connect Scopes

        $redirectURL                = get_option('vatsim_connect_redirect_url');        // VATSIM Connect Redirect URL

 

        // Required for Plugin

        $loginDeniedURL             = get_option('vatsim_connect_login_denied_url');    // LOCAL Redirect URL Login Denied

        $logoutURL                  = get_option('vatsim_connect_logout_url');          // LOCAL Redirect URL Logout Message

 

        $urlAuthorize               = 'https://auth.vatsim.net/oauth/authorize';        // VATSIM Authorize URL

        $urlAccessToken             = 'https://auth.vatsim.net/oauth/token';            // VATSIM Token URL

        $urlResourceOwnerDetails    = 'https://auth.vatsim.net/api/user';               // VATSIM User Details URL

 

        // Create Provider with VATSIM Connect Details

        $provider = new \League\OAuth2\Client\Provider\GenericProvider([

            'clientId'                => $clientID,

            'clientSecret'            => $clientSecret,

            'redirectUri'             => $redirectURL,

            'urlAuthorize'            => $urlAuthorize,

            'urlAccessToken'          => $urlAccessToken,

            'urlResourceOwnerDetails' => $urlResourceOwnerDetails,

            'scopes'                  => $scopes

        ]);

 

        // Check if login / logout request is found in URI

        if(isset($_GET['vatsim_connect'])){

 

            $code = $_GET['vatsim_connect'];

 

            if($code == 'logout'){

               

                wp_logout();

 

                header('Location: ' . $logoutURL);

 

                exit();

 

            }elseif($code == 'login'){

 

                $authorizationURL = $provider->getAuthorizationUrl();

 

                $_SESSION['oauth2state'] = $provider->getState();

 

                header('Location: ' . $authorizationURL);

               

                exit();

 

            }    

        }

 

        // Check if VATSIM Connect code is found in URI & user is not logged in yet

        if(isset($_GET['code']) && (!is_user_logged_in())){

 

            // Check if session state against previously stored one to mitigate CSRF attack

            if(empty($_GET['state']) || (isset($_SESSION['oauth2state']) && $_GET['state'] !== $_SESSION['oauth2state'])){

 

                if (isset($_SESSION['oauth2state'])){

 

                    unset($_SESSION['oauth2state']);

 

                }

 

                exit('Invalid state');

 

            } else {

 

                try{

 

                    // Try to get an access token using the authorization code grant.

                    $accessToken = $provider->getAccessToken('authorization_code', [

                        'code' => $_GET['code']

                    ]);

 

                    // Fetch Token Data

                    $vatsimAccessToken      = $accessToken->getToken();

                    $vatsimRefreshToken     = $accessToken->getRefreshToken();

                    $vatsimTokenExpireDate  = $accessToken->getExpires();

                    $vatsimIsTokenExpired   = $accessToken->hasExpired();

 

                    // Using the access token, we may look up details about the resource owner.

                    $resourceOwner = $provider->getResourceOwner($accessToken);

 

                    // Fetch VATSIM data from resource owner

                    $userData               = $resourceOwner->toArray();

                    $vatsimEmail            = $userData['data']['personal']['email'];               // VATSIM Registered Email

                    $vatsimCID              = $userData['data']['cid'];                             // VATSIM CID

                    $vatsimNameFirst        = $userData['data']['personal']['name_first'];          // VATSIM Registered First Name

                    $vatsimNameLast         = $userData['data']['personal']['name_last'];           // VATSIM Registered Last Name

                    $vatsimCountryCode      = $userData['data']['personal']['country']['id'];       // VATSIM Registered Country Code

                    $vatsimCountryName      = $userData['data']['personal']['country']['name'];     // VATSIM Registered Country Name

                    $vatsimRatingID         = $userData['data']['vatsim']['rating']['id'];          // VATSIM ATC Rating ID

                    $vatsimRatingShort      = $userData['data']['vatsim']['rating']['short'];       // VATSIM ATC Rating Short

                    $vatsimRatingLong       = $userData['data']['vatsim']['rating']['long'];        // VATSIM ATC Rating Long

                    $vatsimRegionName       = $userData['data']['vatsim']['region']['name'];        // VATSIM Region Name

                    $vatsimRegionID         = $userData['data']['vatsim']['region']['id'];          // VATSIM Region ID

                    $vatsimDivisionName     = $userData['data']['vatsim']['division']['name'];      // VATSIM Division Name

                    $vatsimDivisionID       = $userData['data']['vatsim']['division']['id'];        // VATSIM Division ID

                    $vatsimSubDivisionName  = $userData['data']['vatsim']['subdivision']['name'];   // VATSIM SubDivision Name

                    $vatsimSubDivisionID    = $userData['data']['vatsim']['subdivision']['id'];     // VATSIM SubDivision ID

                    $vatsimToken            = $userData['data']['oauth']['token_valid'];            // VATSIM Oauth Token Valid Boolean

 

                    // Check if correct scopes have been approved for login / registration

                    if(!$vatsimToken && !$vatsimNameFirst && !$vatsimNameLast && !$vatsimEmail){

 

                        wp_redirect($loginDeniedURL);

 

                        exit();

 

                    }

 

                    // Check if user with VATSIM CID already in WP User database

                    $isUser = get_user_by('login',$vatsimCID);

 

                    // Update WP User

                    if($isUser){

 

                        $userData = array(

                            'ID'                    => $isUser->ID,            

                            'user_login'            => $vatsimCID,          

                            'user_email'            => $vatsimEmail,        

                            'display_name'          => $vatsimNameFirst . ' ' . $vatsimNameLast,                

                            'nickname'              => $vatsimNameFirst . ' ' . $vatsimNameLast,

                            'first_name'            => $vatsimNameFirst,

                            'last_name'             => $vatsimNameLast,

                            'show_admin_bar_front'  => 'false'

                        );

 

                        $userID = wp_insert_user($userData) ;

 

                        if (!is_wp_error($userID)){

     

                            // Create array of VATSIM Data

                            $vatsimData = array(

                                'vatsim_country_code'       => $vatsimCountryCode,

                                'vatsim_country_name'       => $vatsimCountryName,

                                'vatsim_atc_rating_id'      => $vatsimRatingID,

                                'vatsim_atc_rating_short'   => $vatsimRatingShort,

                                'vatsim_atc_rating_long'    => $vatsimRatingLong,

                                'vatsim_region_name'        => $vatsimRegionName,

                                'vatsim_region_id'          => $vatsimRegionID,

                                'vatsim_division_name'      => $vatsimDivisionName,

                                'vatsim_division_id'        => $vatsimDivisionID,

                                'vatsim_sub_division_name'  => $vatsimSubDivisionName,

                                'vatsim_sub_division_id'    => $vatsimSubDivisionID

                            );

 

                            // Loop through VATSIM Data and update WP User Meta database

                            foreach($vatsimData as $k => $v){

                                update_user_meta($userID, $k, $v );

                            }

 

                            //Login User

                            vatsimConnectLogin($vatsimCID);

 

                        }else{

 

                            $errorString = $userID->get_error_message();

                            //echo $errorString;

 

                        }

 

                    // Create New WP User

                    }else{

 

                        $userData = array(

                            'user_pass'             => NULL,                

                            'user_login'            => $vatsimCID,          

                            'user_email'            => $vatsimEmail,        

                            'display_name'          => $vatsimNameFirst . ' ' . $vatsimNameLast,                

                            'nickname'              => $vatsimNameFirst . ' ' . $vatsimNameLast,

                            'first_name'            => $vatsimNameFirst,

                            'last_name'             => $vatsimNameLast,

                            'show_admin_bar_front'  => 'false'

                        );

 

                        $userID = wp_insert_user($userData) ;

 

                        if (!is_wp_error($userID)){

     

                            // Create array of VATSIM Data

                            $vatsimData = array(

                                'vatsim_country_code'       => $vatsimCountryCode,

                                'vatsim_country_name'       => $vatsimCountryName,

                                'vatsim_atc_rating_id'      => $vatsimRatingID,

                                'vatsim_atc_rating_short'   => $vatsimRatingShort,

                                'vatsim_atc_rating_long'    => $vatsimRatingLong,

                                'vatsim_region_name'        => $vatsimRegionName,

                                'vatsim_region_id'          => $vatsimRegionID,

                                'vatsim_division_name'      => $vatsimDivisionName,

                                'vatsim_division_id'        => $vatsimDivisionID,

                                'vatsim_sub_division_name'  => $vatsimSubDivisionName,

                                'vatsim_sub_division_id'    => $vatsimSubDivisionID

                            );

 

                            // Loop through VATSIM Data and insert into WP User Meta database

                            foreach($vatsimData as $k => $v){

                                update_user_meta($userID, $k, $v );

                            }

 

                            //Login User

                            vatsimConnectLogin($vatsimCID);

                             

                        }else{

 

                            $errorString = $userID->get_error_message();

                            //echo $errorString;

 

                        }

 

                    }

 

                } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {

 

                    // Failed to get the access token or user details.

                    //echo "Error: ";

 

                    //exit($e->getMessage());

 

                }

            }

        }

    }

    add_action('init','vatsimConnect');

 

    //User Login with VATSIM CID

    function vatsimConnectLogin($vatsimCID){

       

        $user = get_user_by('login',$vatsimCID);

 

        if(!is_wp_error($user))

        {

 

            // Set Cookies for Login

            wp_clear_auth_cookie();

            wp_set_current_user($user->ID);

            wp_set_auth_cookie($user->ID);

 

            // Redirect back to selected URL

            $redirect = get_option('vatsim_connect_redirect_url');

            wp_safe_redirect($redirect);

 

            exit();

 

        }

    }

 

    //=========================================//

    // UPDATE USER DATA EVERY 24H BASED ON VATSIM API

    //=========================================//

 

    function vatsimUpdateUserData(){

 

        //Get list of all Ratings

        $dataFeed = json_decode(file_get_contents("https://data.vatsim.net/v3/vatsim-data.json"));

 

        //Get list of all Regions

        $regionsData = json_decode(file_get_contents("https://api.vatsim.net/api/regions/"));

 

        //Get list of all Divisions

        $divisionsData = json_decode(file_get_contents("https://api.vatsim.net/api/divisions/"));

 

        //Get list of all SubDivisions

        $SubDivisionsData = json_decode(file_get_contents("https://api.vatsim.net/api/subdivisions/"));

 

        //Get all Users

        $users = get_users();

 

        foreach($users as $user){

           

            $userID = $user->ID;

            $vatsimCID = $user->user_login;

           

            if(is_numeric($vatsimCID)){

               

                //Fetch Latest Data from Public API

                $updatedData = json_decode(file_get_contents("https://api.vatsim.net/api/ratings/$vatsimCID/"));

 

                if($updatedData){

 

                    $vatsimRatingID         = $updatedData->rating;         // VATSIM ATC Rating ID

                    $vatsimRatingShort      = "Not Found";

                    $vatsimRatingLong       = "Not Found";

 

                    foreach($dataFeed->ratings as $rating){

                        if($vatsimRatingID == $rating->id){

                            $vatsimRatingShort = $rating->short;

                            $vatsimRatingLong = $rating->long;

                        }

                    }

                   

                    $vatsimRegionID         = $updatedData->region;     // VATSIM Region ID

                    $vatsimRegionName       = "-";

 

                    foreach($regionsData as $region){

                        if($vatsimRegionID == $region->id){

                            $vatsimRegionName = $region->name;

                        }

                    }

                   

                    $vatsimDivisionID       = $updatedData->division;   // VATSIM Division ID

                    $vatsimDivisionName     = "-";

 

                    foreach($divisionsData as $division){

                        if($vatsimDivisionID == $division->id){

                            $vatsimDivisionName = $division->name;

                        }

                    }

 

                    $vatsimSubDivisionID       = $updatedData->subdivision;   // VATSIM SubDivision ID

                    $vatsimSubDivisionName     = "-";

 

                    foreach($SubDivisionsData as $subDivision){

                        if($vatsimSubDivisionID == $subDivision->code){

                            $vatsimSubDivisionName = $subDivision->fullname;

                        }

                    }

 

                    // Create array of VATSIM Data

                    $vatsimData = array(

                        'vatsim_atc_rating_id'      => $vatsimRatingID,

                        'vatsim_atc_rating_short'   => $vatsimRatingShort,

                        'vatsim_atc_rating_long'    => $vatsimRatingLong,

                        'vatsim_region_name'        => $vatsimRegionName,

                        'vatsim_region_id'          => $vatsimRegionID,

                        'vatsim_division_name'      => $vatsimDivisionName,

                        'vatsim_division_id'        => $vatsimDivisionID,

                        'vatsim_sub_division_name'   => $vatsimSubDivisionName,

                        'vatsim_sub_division_id'     => $vatsimSubDivisionID

                    );

 

                    // Loop through VATSIM Data and update WP User Meta database

                    foreach($vatsimData as $k => $v){

                        update_user_meta($userID, $k, $v );

                    }

                }

            }  

        }

    }

    add_action('vatsim_update_users_data_cron','vatsimUpdateUserData');


 

    //=========================================//

    // RESTRICT NON-ADMIN PROFILE EDITING  

    //=========================================//

 

    function vatsimStopProfileAccess() {

 

        if(get_option('vatsim_connect_disable_profile_access') == 1){

 

            if(!current_user_can('manage_options')){

           

                remove_menu_page( 'profile.php' );

                remove_submenu_page( 'users.php', 'profile.php' );

 

                if(defined('IS_PROFILE_PAGE')){

 

                    if(IS_PROFILE_PAGE === true) {

 

                        wp_die( 'To change your VATSIM profile information visit https://www.vatsim.net.' );

 

                    }

                }

            }  

        }          

    }

    add_action( 'admin_menu', 'vatsimStopProfileAccess' );

 

    //=========================================//

    // FORCE VATSIM Connect OAuth

    //=========================================//

 

    function vatsimConnectForceLogin(){

       

        if(get_option('vatsim_connect_force_login') == 1){

 

            global $pagenow;

 

            // Login and Logout Redirect URL

            $loginURL = get_site_url() . '/?vatsim_connect=login';

            $logoutURL = get_option('vatsim_connect_logout_url');

 

            // Create Backdoor for Admin Access without VATSIM Connect

            if('wp-login.php' == $pagenow || 'wp-admin' == $pagenow){

 

                $status = 0;    //Default Status

 

                if(!empty($_GET['adminbackdoor']) && $_GET['adminbackdoor'] == true){

                    $status = 1;

                }

 

                if(!empty($_GET['loggedout']) && $_GET['loggedout'] == true){

                    $status = 2;

                }

 

                if(!empty($_GET['action']) && $_GET['action'] == "logout"){

                    $status = 3;

                }

 

                switch($status){

                    case 0:

                        wp_redirect($loginURL);

                        break;

                    case 1:

                        if($_SERVER['REQUEST_METHOD'] === 'POST'){

                            // Continue regular login without using VATSIM Connect

                        }

                        break;

                    case 2:

                        wp_redirect($logoutURL);

                        break;

                    case 3:

                        wp_redirect($logoutURL);

                        break;

                    default:

                        wp_redirect($loginURL);

                        break;

                }

            }

        }

    }

    add_action('init','vatsimConnectForceLogin');

 

?>

 

 

Posted
On 7/8/2023 at 7:17 AM, swaluver480 said:

after some research through multiple forms and talking to some other VA owners on discord (since im interested in this too) looks like youll have to do some extensive work. 

first youll need to navigate to app/Http/Controllers/Auth/LoginController.php
 

and make the necessary changes
 

use VATSIMSSO\VATSIMSSO;
use VATSIMSSO\Auth\Token;
use VATSIMSSO\Auth\User;



then it looks like youll have to navigate (i belive in that same file) and find handleProviderCallback() code

this is where i got told youll have to make a php code below it that verifies the incoming request, gets the Users access token, and details, and logins the user. 

(have no idea without recreating  it what that code will be)

then navigate to routes/web.php

 there add in the vatsim sso callback
 

Route::get('/auth/vatsim/callback', 'App\Http\Controllers\Auth\LoginController@handleProviderCallback');

 

youll also probably will need to modify the config file and a few more but he told me thats a start as he didnt go all the way through becuase he gained the info needed for what his needs were. 

 

i hope this helps you out

 

 

 

It certainly gives me something to think about. Appreciate the pointer.

Posted

Well, looks like enough data is provided by Vatsim via their api, so you can simply create the user if you wish too... Also you can build something to replace laravel's authentication (or at best let it return a valid authentication)

 

You can then force people to select their hub if you have more than one, or define the closest one as their hub etc.

 

What you need is some custom profile fields, to store Vatsim data ;)

  • 5 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...