1

Discussion of new authorization method (oAuth)

Тема: Discussion of new authorization method (oAuth)

We've implemented new modern and more secure authorization method in Wialon.
Here we will answer all the questions about it and help you to overcome all implementation problems.
Blog article
Instructions file

Head of Wialon Local Department
Gurtam
2

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hi, I am trying to figure out how to implement new login details mentioned here

http://weblog.gurtam.com/wp-content/upl … -Authoriza

I am trying to follow below to create token
http://sdk.wialon.com/wiki/en/sidebar/r … oken/token

My api call looks like (in below example userid is replaced with 0s, app name is replaced with myapp  )

http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"0000000","h":"","app":"myapp","at":0,"dur":604800,"fl":256, "p":"","items":["":""],"deleteAll":""}

I receive error 4 and not really sure whats wrong with above input. I would really use some help, thanks

3

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hello.
Parameter "items" should contain array of item ids, for example [1234,568]

Head of Wialon Local Department
Gurtam
4

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

thanks, and what should I use as item id, my userid or ..?
Because I just tried with my userid and now I get Error 7, while I could succesfully create token using the standart login form(i.e. there is no reason to have my access denied..)

5

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

There is not enough info in docs - we'll add more details.
Parameter "userId" is optional. You can pass id of another user.
Then if you have access right Operate as (0x200000) to this user
you'll create/update/delete tokens of this user.

In your case don't sent userId.
As for "items" - you can pass there id of items you want your token had access to.
There is no need to pass id of current user. You can pass id of resources, units and so on.

Head of Wialon Local Department
Gurtam
6

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Ok , thanks, but I am not sure about the resources ids I will need to monitor, these may vary within customer account.
This is my real life api url which still returns Error 7 while i can actually create token manually thru the simple form

Any other ideas what might be wrong with this token creation api url?

http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"1154069","h":"","app":"mywialonapp1","at":0,"dur":604800,"fl":256,"p":"","items":[],"deleteAll":""}

7

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

This request is for managing tokens after beeing authorized. In most cases you don't need this request.

To authorize to wialon in your app/site now you should use our oAuth form (http://hosting.wialon.com/login.html or http://your.dns.com/login.html).
Example on playground

But if you were successfully authorized by token and then you need to manage tokens of current or other users you have access to - you can use this request.
For example to create manually your new token - use request http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","app":"mywialonapp1","at":0,"dur":604800,"fl":256,"p":"{}","items":[]}

Head of Wialon Local Department
Gurtam
8

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

I am also getting error when creating token for different userId using admin authorization. I have authorized the admin using oAuth, got the sid using loginToken. Now when I try to create token for subuser, I get error 7.

What I want is to create token on behalf of subuser and use the generated token to createSession as subuser.

Request:
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"xxxxxxx","app":"","at":0,"dur":604800,"fl":256,"p":"{}","items":[xxxxxxx]}&sid=xxxxxxxxxxx

Response:
{
    "error": 7
}

Its unfortunate that documentation is very vague.  Please suggest how to fix.

9

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

trakfamily пишет:

I am also getting error when creating token for different userId using admin authorization. I have authorized the admin using oAuth, got the sid using loginToken. Now when I try to create token for subuser, I get error 7.

What I want is to create token on behalf of subuser and use the generated token to createSession as subuser.

Request:
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"xxxxxxx","app":"","at":0,"dur":604800,"fl":256,"p":"{}","items":[xxxxxxx]}&sid=xxxxxxxxxxx

Response:
{
    "error": 7
}

Its unfortunate that documentation is very vague.  Please suggest how to fix.

Please check that you were authorized  by admin with full token access rigths : access_type = -1
Also you  should have access right Operate as (0x200000) to this user  to  create/update/delete tokens of this user.

Diana Cheley
Wialon Hosting Expert
Gurtam
10

Discussion of new authorization method (oAuth)

(28/08/2015 19:42:01 отредактировано trakfamily)

Re: Discussion of new authorization method (oAuth)

chdi пишет:
trakfamily пишет:

I am also getting error when creating token for different userId using admin authorization. I have authorized the admin using oAuth, got the sid using loginToken. Now when I try to create token for subuser, I get error 7.

What I want is to create token on behalf of subuser and use the generated token to createSession as subuser.

Request:
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"xxxxxxx","app":"","at":0,"dur":604800,"fl":256,"p":"{}","items":[xxxxxxx]}&sid=xxxxxxxxxxx

Response:
{
    "error": 7
}

Its unfortunate that documentation is very vague.  Please suggest how to fix.

Please check that you were authorized  by admin with full token access rigths : access_type = -1
Also you  should have access right Operate as (0x200000) to this user  to  create/update/delete tokens of this user.

Dear chdi,
Thank you for your response.
Question: Please check that you were authorized  by admin with full token access rigths : access_type = -1
Answer: I am the creator of the user whose token I want to create. I am using the sid of the creator while calling token/update API above. Can you please suggest do I still need to set access_type = -1 and where I need to to set access_type = -1

Question: Also you  should have access right Operate as (0x200000) to this user  to  create/update/delete tokens of this user.
Answer: I am the creator of the of the user, when I login into cmd.wialon.com and hosting.wialon.com using my login/password, I am able to do "Login as another user" the user so I presume I have all the right.

Awaiting your response, and please excuse if my questions are too basic but I am struggling to create token for my sub-user using API. Please help how can I debug the issue.

11

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

trakfamily пишет:

Answer: I am the creator of the user whose token I want to create. I am using the sid of the creator while calling token/update API above. Can you please suggest do I still need to set access_type = -1 and where I need to to set access_type = -1

If you authorized under user-creator through token , sure you should use the parameter access_type = -1 to get token
For example, http://hosting.wialon.com/login.html?cl … ion=604800
You can find the full parameters for Extend form here http://sdk.wialon.com/wiki/en/sidebar/r … ogin/login

Question: Also you  should have access right Operate as (0x200000) to this user  to  create/update/delete tokens of this user.
Answer: I am the creator of the of the user, when I login into cmd.wialon.com and hosting.wialon.com using my login/password, I am able to do "Login as another user" the user so I presume I have all the right.

Awaiting your response, and please excuse if my questions are too basic but I am struggling to create token for my sub-user using API. Please help how can I debug the issue.

Please also check is it a correct id of elements you set for "userID" and 'items"

Diana Cheley
Wialon Hosting Expert
Gurtam
12

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

chdi пишет:
trakfamily пишет:

Answer: I am the creator of the user whose token I want to create. I am using the sid of the creator while calling token/update API above. Can you please suggest do I still need to set access_type = -1 and where I need to to set access_type = -1

If you authorized under user-creator through token , sure you should use the parameter access_type = -1 to get token
For example, http://hosting.wialon.com/login.html?cl … ion=604800
You can find the full parameters for Extend form here http://sdk.wialon.com/wiki/en/sidebar/r … ogin/login

Question: Also you  should have access right Operate as (0x200000) to this user  to  create/update/delete tokens of this user.
Answer: I am the creator of the of the user, when I login into cmd.wialon.com and hosting.wialon.com using my login/password, I am able to do "Login as another user" the user so I presume I have all the right.

Awaiting your response, and please excuse if my questions are too basic but I am struggling to create token for my sub-user using API. Please help how can I debug the issue.

Please also check is it a correct id of elements you set for "userID" and 'items"

Here are the steps that I performed-

1. To get the token for creator account, I used oauth URL- http://hosting.wialon.com/login.html?cl … ion=604800  and got the access_token for creator account.
2. Logged in with creator account using token/login remote API http://hst-api.wialon.com/wialon/ajax.html?svc=token/login&params={"token":xxxx}, got session id ("eid":xxx) in response.
3. Now to create token for subuser (i.e. of whom on I creator) I called following API-
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"12822687","app":"","at":0,"dur":604800,"fl":100,"p":"{}","items":["12822687"]}&sid=c066e3e906ffb24fda4ee72716f5eb5a 
Where userId and items are the user id of subuser for whom I want to generate token, and sid is the session id (i.e. eid field in step2). But I am still getting Error 7 in response.


Question-1 What does "items" filed in token/update API mean, wialon documentation says "list of item ids with token granted access"? What should I pass to create token for subuser?

Question-2 Can you please suggest what am I doing wrong in above steps? Unfortunately there is no example for http://sdk.wialon.com/wiki/en/sidebar/r … ken/update API in wialon playground.

Questions-3 Has anyone used token/update API at all and found it working?

13

Discussion of new authorization method (oAuth)

(02/09/2015 01:04:14 отредактировано Diana)

Re: Discussion of new authorization method (oAuth)

Dear trakfamily,

the steps are correct
add some name for parameter "app" - the application name should be defined to authorization
For example,
http://hst-api.wialon.com/wialon/ajax.html?svc=token/update&params={"callMode":"create","userId":"12822687","app":"myapp","at":0,"dur":604800,"fl":256,"p":"{}","items":[]}&sid=your_sid

Also set a correct flag : "f":0x100 in hex or "f":256 in decimal

In field "items" you can define a list of elements id (other users, units, resource ) for which this sub-user will have access rights according with this token
For example,  "f":256 means Online tracking , so sub-user can have bacis acceess rights to "items"

Diana Cheley
Wialon Hosting Expert
Gurtam
14

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Dear Chdi,
   Fixing the "app" parameter did the trick, thank you so much.

Now I am able to generate access_token for subuser using token/update remote API. After getting the token, I am using token/logen remote API to generate "sid" for the subuser (Please note I am running these APIs on server to generate sid for user and pass the sid to client). But looks like this sid does not work on client machine because of IP address change. 
Here is what I want to achieve-
1. On our hosted server, generate sid or access_token for subuser.
2. Pass the link with sid/token (such as http://myserver.com/?sid=xxxxxxx) to customer so that customer can login just by clicking the link(without entering user/password).

Can you please suggest how I can achieve above?

15

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

trakfamily пишет:

Dear Chdi,
   Fixing the "app" parameter did the trick, thank you so much.

Now I am able to generate access_token for subuser using token/update remote API. After getting the token, I am using token/logen remote API to generate "sid" for the subuser (Please note I am running these APIs on server to generate sid for user and pass the sid to client). But looks like this sid does not work on client machine because of IP address change.

the session (sid) is generated for the same IP, the IP shouldn't be dynamic or change

Here is what I want to achieve-
1. On our hosted server, generate sid or access_token for subuser.
2. Pass the link with sid/token (such as http://myserver.com/?sid=xxxxxxx) to customer so that customer can login just by clicking the link(without entering user/password).

Can you please suggest how I can achieve above?

after you generate a token for subuser you can send it to  client side  or you can Create authorization hash and send it to client side

Diana Cheley
Wialon Hosting Expert
Gurtam
16

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hi, I am developing the windows application (C#) to access the data on Wialon hosting via remote API
I'm implementing login screen with the new authorization way mentioned here "http://sdk.wialon.com/wiki/en/sidebar/r … ogin/login".
I used .netFramework component "WebClient" to post data (sign, uid, pwd,etc) to "http://hosting.wialon.com/oauth.html"
Here is my step
1. access "http://hosting.wialon.com/login.html" then find sign value from the response.
2. post required data to "http://hosting.wialon.com/oauth.html"
3. Login with svc=token/login&params{...}

I was successful for creating token, logging in with token and getting the list of units, but I always received the error code 7 - Access denied when try to load the message with "svc=messages/load_interval".

I feel there is something wrong in a process of generate the token but cannot find the root of the problem.

Do you have any suggestion or sample C# application with Remote API ?

Mr.Teera Koedchan.
Developer, Mobile Innovation (Thailand) Company Limited
“We contribute to society by delivering SECURITY and SAFETY to customers”
17

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

teerak
Check access type parameter you use when create token http://sdk.wialon.com/wiki/en/sidebar/r … cess_flags
Try to change it to -1 (full access)

18

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

shmi пишет:

teerak
Check access type parameter you use when create token http://sdk.wialon.com/wiki/en/sidebar/r … cess_flags
Try to change it to -1 (full access)

Thank you very much, I achieved for loading message.

Additional question
some time I receive the error message "insecure or allowed time expired" when post data to "http://hosting.wialon.com/oauth.html"
Here is a post parameter.
client_id=WialonRemote+API&access_type=-1&activation_time=0&duration=2592000&flags=0&sign=xxxxx2LxRItzQKMpQ=&login=xxxx&passw=xxx&redirect_uri=http://hosting.wialon.com/login.html

Mr.Teera Koedchan.
Developer, Mobile Innovation (Thailand) Company Limited
“We contribute to society by delivering SECURITY and SAFETY to customers”
19

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

It is not allowed to make request to oauth.html without using authorization form. Request didn't perform due to security reasons.
Also if you use authorization form and got such error message - it means that the form was expired (displayed too long without login) and needs to be refreshed.

Head of Wialon Local Department
Gurtam
20

Discussion of new authorization method (oAuth)

(18/09/2015 10:40:49 отредактировано teerak)

Re: Discussion of new authorization method (oAuth)

Hi deal,
Could you please suggest how to implement it with windows application (application on PC) or smart phone application?

Mr.Teera Koedchan.
Developer, Mobile Innovation (Thailand) Company Limited
“We contribute to society by delivering SECURITY and SAFETY to customers”
21

Discussion of new authorization method (oAuth)

(18/09/2015 11:20:07 отредактировано deal)

Re: Discussion of new authorization method (oAuth)

You can generate infinite token using authorization form (access_type -1, dur 0) and then use it in your app without regular direct access to restricted oauth.html.

Head of Wialon Local Department
Gurtam
22

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

teerak пишет:

Could you please suggest how to implement it with windows application (application on PC) or smart phone application?

You should create WebView or WebBrowser (im not expert in C#) and open http://hosting.wialon.com/login.html in it so user can enter login and password.
Next step - detect redirect or url change, parse it, check for errors and get token
Then you can store token in your app and use it for authorization

23

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

shmi пишет:
teerak пишет:

Could you please suggest how to implement it with windows application (application on PC) or smart phone application?

You should create WebView or WebBrowser (im not expert in C#) and open http://hosting.wialon.com/login.html in it so user can enter login and password.
Next step - detect redirect or url change, parse it, check for errors and get token
Then you can store token in your app and use it for authorization

Thank you very much.

Mr.Teera Koedchan.
Developer, Mobile Innovation (Thailand) Company Limited
“We contribute to society by delivering SECURITY and SAFETY to customers”
24

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

shmi пишет:
teerak пишет:

Could you please suggest how to implement it with windows application (application on PC) or smart phone application?

You should create WebView or WebBrowser (im not expert in C#) and open http://hosting.wialon.com/login.html in it so user can enter login and password.
Next step - detect redirect or url change, parse it, check for errors and get token
Then you can store token in your app and use it for authorization

In our  Android application, User (mostly an administrator, not an operator - reason: operator shouldn't know Wialon username and password) set Wialon User and Password in first run of application (in application setting) and then application use Remote API to work. With core/login we did it without no problem, but with Token i really don't know how should do it. How should our app send username and password to give token?!!!
Please help us in this case.

25

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

hhamedk
You should add WebView with the authorization form (http://hosting.wialon.com/login.html) to your app, where user can enter his name and password. After, you should handle redirects (http://stackoverflow.com/questions/4066 … -a-browser), and parse  token from url, and save it. Later you can use this token with method token/login like you use login&password with core/login method.
You can find some implementation examples on GitHub(for example https://github.com/wuman/android-oauth-client).

Mobile Development
Gurtam
26

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Our  problem is that we can't use WebView as i mentioned. Because username and password should set by Administrator not user or operator and also username and password sent from our server side in a encrypted file, application use file, read username and password, store them and use them for future login. So, should forgot WebView completely. But thanks.
Any other idea?

27

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

hhamedk If you have a session on your server side, you can create tokens by calling token/update method with callMode=create. After you can send them to your application and use them for future login.

Mobile Development
Gurtam
28

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

We finally found a way. I call http://hosting.wialon.com/login.html and get response, then i extract sign from this response, then i set parameters and send for http://hosting.wialon.com/oauth.html, in response I get html string that contains "authorization success" . But i can't get token from response, i should get token from new url that android can't get it (or i don't know how). How can I get token in response?

29

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

This is wrong way. You shouldn't extract sign parameter and execute /oauth.html request by yourself. It is restricted and if it works now - you can't be sure that it will work tommorow. In your sites/apps you should use authorization form to generate token. If there is problem to show form in some app - you can generate infinite token (duration 0) with full access (access_type -1) and use it insted of login and password. Using this token you can authorize and do everything including generation of new tokens for subusers.

Head of Wialon Local Department
Gurtam
30

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Is there a possibility to create a Token from CMS or Monitoring panel?

31

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

I have two question:
1. If we create a infinite Token is it possible to use it in our application as you mentioned? does Token work with any IP? Our application will install on an android smart phone and IP address will change time to time.
2. You developed new authentication way to increase security level. Don't you think creating a infinite Token has lower security level than even old authentication?

32

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

There is no such interface in CMS or Monitoring. You can only view or remove tokens in user's menu -> Manage Applications.
But you can generate such token using authorization form with such request:
http://hosting.wialon.com/login.html?cl … mp;flags=6

Head of Wialon Local Department
Gurtam
33

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

1. You can use generated token in any your apps on any IP.
2. We don't think so. Even infinite token can be removed anytime by owner.
New authorization method is much better and safer than old one.
We'll continue to make it better.

Head of Wialon Local Department
Gurtam
34

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hello,

We're trying to add the new OAuth autorization in your custom application who is running in background on our server, but we're have a bug and need you help on this issue.

For our application who is running in background on our server.

How we need to use the authorization method in background on our server ?

What is the code to use in background on our server ?

How we can have a warranty that we have obtain a token and our service continue to work in background ?

35

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

In your sites/apps you should use authorization form to generate token. (You can show it using WebView component or equivalent one)
If there is problem to show our form in some app - you can generate infinite token (duration 0) with full access (access_type -1) and use it insted of login and password.
Using this token you can authorize and get sid. And then your app can execute request using this sid.
You can refer to docs at http://sdk.wialon.com/wiki/ru/sidebar/r … ogin/login
and examples at http://sdk.wialon.com/playground/  (last 3 examples)

Head of Wialon Local Department
Gurtam
36

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

deal пишет:

For our application who is running in background on our server.

Usually background services with deprecated core/login works in following way:

  • somewhere in code or config login/password is specified
  • when app launches - login/password is used for core/login
  • when core/login succeeded - use sid from it for next Remote API requests

If you app work as writen, here's steps how to use new OAuth autorization:

  • Generate token - only once
    To get token you can use playground sample or directly  this form. Please check that access_type grant enough rights (use access_type=-1 to grant full rights) and duration=0 (infinite token, the only restriction - use it for login minimum once per 100 days).
  • Specify token in code/config
    Replace old login/password in your code or config with new just received token.
  • Use token/login instead of core/login
    Replace deprecated core/login with token/login method and token from config. No other changes needed, responses for these request are the same.
  • Validate login result
    If token/login returned error - it means that token became invalid. You need to have kind of notification for this situation and generate new token and specify it in config

We have several projects that uses this logic, everything works fine. Please ask if need some clarification.

37

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hi,

Do you have a sample of code in C# who use this logic to validate if the token has expired ?

Thanks
Regards

38

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

NTS пишет:

Do you have a sample of code in C# who use this logic to validate if the token has expired ?

Sorry, we dont use C#.

But logic is pretty easy: you have to check if 'error' key exists in token/login request. Here's pseudo code (just sample, not a real program)

// constants
url = "http://hst-api.wialon.com/wialon/ajax.html";
token = "79c8a862473fef040c011e5d40a36e3a4DA1F0E9ABF237D20E89AA7BAA4480FCBBA92915";

// RemoteApi request
request = Request(url + "?svc=token/login&params={token:'" + token + "'}");

// exec token/login and get response
response = request.send();

// parse response json
response = Json.parse(response);

// check "error" key exists
if (response.hasKey("error")) {
   if  (response.getValue("error") == 7 || response.getValue("error") == 8) {
      // invalid token
      return
   } else {
      // other login error, try to login again
   }
} else {
   // token is valid
}
39

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

I use C#  and I use the everlasting tokens option with below code to check and delete if too many tokens are created . Hope this helps

List<tokens> tokenslist = ser1.Deserialize<List<tokens>>((new WebClient()).DownloadString(urlCheckTokenCount));
                
                if (tokenslist.Count > 900)//max allowed number of tokens per user is 1000, I use to delete them if they exceed 900; 
                {//will delete only tokens under this app name and this user
                   
                    for (int i = 0; i < 900; i++)
                    {
                        string currenttokenappname = tokenslist[i].app;
                        if (string.Compare(currenttokenappname, appname) == 0)
                        {
                            string currenttoken = tokenslist[i].h;

                            if (string.Compare(currenttoken, token) != 0)//skip current token , delete all the rest, 
                            {
                                string urlDeleteToken = wialonurlfix + "ajax.html?svc=token/update&params=" +
                                "{\"callMode\":\"delete\",\"userId\":\"" + userid + "\",\"h\":\"" + currenttoken + "\",\"app\":\"" + appname + "\",\"at\":0,\"dur\":0,\"fl\":256,\"p\":\"{}\",\"items\":[],\"deleteAll\":\"\"}";

                                string tokendel = (new WebClient()).DownloadString(urlDeleteToken);  
                            }
                        }
                    }
                }
40

Discussion of new authorization method (oAuth)

(02/10/2015 18:34:53 отредактировано Desarrollo)

Re: Discussion of new authorization method (oAuth)

Hi Everybody.
We are having problems with JAVA API loggin.
Anyone could help me to login again using the new way (not with JavaScript)

This is the code we are using:

private void login()
    {       
        session.initSession("https://hst-api.wialon.com"); //http://kit-api.wialon.com   http://hst-api.wialon.com http://track.folgen.mx "https://hst-api.wialon.com"
        System.out.println("Inicio");
        session.login("","", new ResponseHandler() {
            @Override
            public void onSuccess(String response) {
                super.onSuccess(response);
                System.out.println(String.format("El usuario es:  %s", session.getCurrUser().getName()));
                //JOptionPane.showMessageDialog(null,"Conectado");
                searchGroups();         
            }
            @Override
            public void onFailure(int errorCode, Throwable throwableError) {
                super.onFailure(errorCode, throwableError);
                System.out.println(Errors.getErrorText(errorCode));
                 //logout();
                //JOptionPane.showMessageDialog(null,"Error");
            }
        });   
    }

41

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Desarrollo, please update your Java SDK to the latest version from GitHub and use

Session.loginToken()

method instead of

Session.login()
Mobile Development
Gurtam
42

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hello Kopa!

I'm using the wialon-sdk- 1.2.39.jar, do you have the lastest version? or how can to update this code?

43

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hi Everybody!!

Somebody knows if the jar file to JAVA API will be liberate with the most recently update ?   i use the wialon-sdk-1.2.39.jar

44

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Desarrollo пишет:

Hi Everybody!!

Somebody knows if the jar file to JAVA API will be liberate with the most recently update ?   i use the wialon-sdk-1.2.39.jar

there is the last version on GitHub
try to apply method as recommended above

Diana Cheley
Wialon Hosting Expert
Gurtam
45

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Desarrollo
Yes, please download latest version from attachments. We'll update this at sdk.wialon.com as soon as possible.

Опубликовать вложения

Иконка вложений wialon-sdk-1.3.57.jar 147.1 Кб, файл был скачан 472 раз(а) 

Mobile Development
Gurtam
46

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hi Kopa!!

Thank you so much for provide the jar file.

Approximately when will have the updated documentation? We need to delivery  these days and require this documentation, or if we can provide the new way to authenticate would be helpful. I'm develop by the code simple in http://sdk.wialon.com/wiki/en/sidebar/j … les/search


I hope your comments.

Thanks in advance.

47

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Desarrollo
Wialon Java SDK and examples updated at sdk.wialon.com, please see updated example which use loginToken method.

Mobile Development
Gurtam
48

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Thank you Kopa!!

I have a questión, token parameter will be static? , not exist method to generate token?, ¿Where i have to generate this token? i paste the code

session.loginToken("2fe8024e0ab91aa6c8ed82717b71bddcECDC362358DF7D90986F5173D405CD0D42DE7B38", new ResponseHandler() {....

I hope your comments!
Thanks!

49

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

If you want to use static token, please see post#36

shmi пишет:

...
Generate token - only once
To get token you can use playground sample or directly  this form. Please check that access_type grant enough rights (use access_type=-1 to grant full rights) and duration=0 (infinite token, the only restriction - use it for login minimum once per 100 days).
...

Otherwise you should use authorization form in your application to generate token, please see post #1

Mobile Development
Gurtam
50

Discussion of new authorization method (oAuth)

(08/10/2015 09:42:47 отредактировано vinod.porwal)

Re: Discussion of new authorization method (oAuth)

Hi,
We are trying to integrate the new authorization in our phonegap application using javascript but we are not able to get it through. Window event message is not getting called.
Please let us know option to integrate new authorization in phonegap.

thanks in advance.

regards,
vinod

51

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

We don't use phonegap in our development. That's why we can't be very helpfull to you in phonegap specific details.
Please refer to our playground examples about tokens http://sdk.wialon.com/playground.
Also this page http://phonegap-tips.com/articles/googl … owser.html can be helpfull to You.

Head of Wialon Local Department
Gurtam
52

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

thanks for information. Another question i have :
How to change the wialon hosting image on login page when calling login.html page from javascript.

thanks & regards,
Vinod Porwal.

53

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

vinod.porwal, logo image for login.html or login_simple.html is taken from site's skin (personal design).
You can ask your personal manager about it.

Head of Wialon Local Department
Gurtam
54

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hi,
I am first time Wialon user, so please bear with me for some basic questions.

I am developing a simple android app.
The app is going to run a background job/service. The background job post the location details details to Wialon. The app does not have UI to use wialon login.html
I would like to know the step by step API sequence to token,authorize, login, create the device in Wialon and update the latest location against the device. In the Wialon documentation the new way to authorize is first returning me a html page with sign when i use the below sample url: http://hosting.wialon.com/login.html?cl … ion=604800
As i do not have a UI in my app, i would like to avoid or ignore the html.
Step 1:
Can anyone help how to perform the  token,authorize, login?
Step 2:
Help with using a Wialon item or Unit, i am not sure about the difference and i am noure if i need to use them. As per my requirement, i need to post the device id, location and when there is a location update i need to send and update the location against the device.

Kindly help me out here. Thanks in Advance.

Thank you,
Jagan

55

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hi,
I am first time Wialon user, so please bear with me for some basic questions.
I am developing a simple android app.
The app is going to run a background job/service. The background job post the location details details to Wialon. The app does not have UI to use wialon login.html
I would like to know the step by step API sequence to token,authorize, login, create the device in Wialon and update the latest location against the device. In the Wialon documentation the new way to authorize is first returning me a html page with sign when i use the below sample url: http://hosting.wialon.com/login.html?cl … ion=604800
As i do not have a UI in my app, i would like to avoid or ignore the html.
Step 1:
Can anyone help how to perform the  token,authorize, login?
Step 2:
Help with using a Wialon item or Unit, i am not sure about the difference and i am noure if i need to use them. As per my requirement, i need to post the device id, location and when there is a location update i need to send and update the location against the device.
Kindly help me out here. Thanks in Advance.
Thank you,
Jagan

56

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hello, jaganls.

If You can't use our oAuth form in Your app - you can authorize to Wialon using previously created infinite token with request http://sdk.wialon.com/wiki/en/sidebar/r … ples/login
You can create such token for Your user manually by using our oAuth form:

http://hosting.wialon.com/login.html?client_id=wialon&access_type=-1&activation_time=0&duration=0

where in client_id You can pass app name,
access_type -1 means full access,
activation_time 0 means token will be active at once,
duration 0 - means infinite token, it will exist forever, but it will be deleted after 100 days of inactivity (no logins).

Then as a result of successful authorization You can copy Your token from browsers query string: parameter access_token.

Now You can use this token in Your app:

https://hst-api.wialon.com/wialon/ajax.html?svc=token/login&
    params={
        "token":"<your_token>"
    }

As a result of this request You'll get json with parameter "eid". This is session id (sid) which You should pass to all further requests.

Some info about Wialon items. Item is common name for several classes (user, resource, unit, group, route, retranslator).
You need to use Unit -  it's device (tracker, mobile).

More details about sending device's location in next post.

Head of Wialon Local Department
Gurtam
57

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hi,

Thank you for the reply. I was able to successfully authorize, login, create unit and search items.
Now my requirement is update location every 5 minutes to the specific unit, can you help with a sample request to keep posting the location update to the unit?

Thank you in Advance.

Thank you,
Jagan

58

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

jaganls, now You can send data messages with coordinates to Wialon Unit.

You can do it using Wialon IPS protocol (recommended) http://gurtam.com/en/gps_tracking/gps_h … ?id=96266.
Here You can find emulator and sources https://github.com/xHasKx/WialonIPSEmulator/wiki.

Another way - You can periodically execute import messages request (with file) http://sdk.wialon.com/wiki/en/sidebar/r … _messages.
More info about import/export in Wialon http://docs.wialon.com/en/hosting/user/msg/port.

By the way this forum thread is for discussion of new authorization method only.

Head of Wialon Local Department
Gurtam
59

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Dear partners
We are developing new Wialon based application. is it possible to use remote API "New Authorization"  in localhost or we have to use it on server?
since when we work on localhost after post the New Authorization the response redirect us to oauth.html that is not contained in our localhost!!
Please guide us in this case.

60

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Dear Support Team

Regarding our new application is it possible to put it on your servers? We need PHP, MySQL and Apach web server? We are no familiar to such things that if your partners put their applications on your servers or user their own server and only use remote API to communication with Wialon.
Our application has it's own DB for some functions that doesn't exist in Wialon and uses Wialon where there is a elememnt in Wialon we can use it via remote API.

61

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Another question:
As each user has it's own Access, Why we should define Token Flag again? if we request for eaxmple -1 Token Flag or an user that don't have such access what will happen? i mean which is in higher level, User access right or Token Flag? is it possible to request a Token with more Flags thatn user access rights?

62

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

hhamedk, Hello.

1. To answer the first question we need more details. Do You use Wialon Hosting or Wialon Local? How did You organized application and access to Wialon? Concerning localhost - it is recommended to use remote server.
2. We don't provide web hosting for clients' apps for now. May be in future. But only with strong validation.
3. About token access rights. You can generate token with limited access, for example to pass to third parties. As for users' access rights and tokens' access rights - they work as intersection.It means that if user has higher level of access and token has lower - lower access rights will work. If token has higher access level and token lower - still lower access rights will work.

Head of Wialon Local Department
Gurtam
63

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Dear Deal

We are using WH
Would you please explain that how we should integrate our app with Wialon? for example we want to add our application in apps menu in monitoring panel, where we should host it? how we should link it to Wialon? Please explain these questions and explain the procedure.
My another question is that we want to check the list of access rights templates for example in user properties by Remote API, but we couldn't find the command for this case. Please explain how should we do it.

64

Discussion of new authorization method (oAuth)

(24/02/2016 18:36:27 отредактировано deal)

Re: Discussion of new authorization method (oAuth)

hhamedk, here is documentation about adding apps to Wialon http://docs.wialon.com/en/hosting/cms/apps/apps.
If something in docs is unclear - ask questions, we'll help.

As for Your second question It isn't quite clear what You want to do. Try to explain more detailed. Are You talking about access rights templates in items dialog http://docs.wialon.com/en/hosting/cms/rights/dialog?

By the way this forum thread is for new authorization method discussion. It is recommended to ask another questions in appropriate threads or create new ones.

Head of Wialon Local Department
Gurtam
65

Discussion of new authorization method (oAuth)

(25/02/2016 11:17:05 отредактировано hhamedk)

Re: Discussion of new authorization method (oAuth)

Dear support team
thanks for your suggestions. Is there any option for us to apply codes first in localhost for test purposes and then Wialon Server? as you wrote on your forum and weblog Auth method the only access right to methods is to apply codes only with a form located in wialon server. If no, please explain how we should put our form to your server?

66

Discussion of new authorization method (oAuth)

(25/02/2016 12:40:12 отредактировано deal)

Re: Discussion of new authorization method (oAuth)

hhamedk, look at this example http://sdk.wialon.com/playground/demo/app_auth_token and try to do smth like this.
As for testing in local network - You can but You should write http://localhost instead of localhost in redirect_uri param.

Head of Wialon Local Department
Gurtam
67

Discussion of new authorization method (oAuth)

(25/02/2016 15:35:59 отредактировано hhamedk)

Re: Discussion of new authorization method (oAuth)

deal пишет:

hhamedk, look at this example http://sdk.wialon.com/playground/demo/app_auth_token and try to do smth like this.
As for testing in local network - You can but You should write http://localhost instead of localhost in redirect_uri param.

Dear deal
We are working on PHP, the code we use is as below:

<?php
// Define URL where the form resides
$form_url = "http://hosting.wialon.com/login.html";

// This is the data to POST to the form. The KEY of the array is the name of the field. The value is the value posted.
$data_to_post = array();

$data_to_post['client_id'] = "Mission Management";
$data_to_post['access_type '] = "-1";
$data_to_post['activation_time'] = "0"; 
$data_to_post['duration'] = "2592000";
$data_to_post['lang'] =  "en";
$data_to_post['flags'] = "0";
$data_to_post['user'] = 'ss-developers';
$data_to_post['redirect_uri'] = 'http://localhost/mm/main.php';
$data_to_post['response_type'] = 'token';
$data_to_post['css_url'] = 'http://localhost/mm/style.css';


// Initialize cURL
$curl = curl_init();

// Set the options
curl_setopt($curl,CURLOPT_URL, $form_url);

// This sets the number of fields to post
curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));

// This is the fields to post in the form of an array.
curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);

//execute the post
$result = curl_exec($curl);

//print_r ($result);

//close the connection
curl_close($curl);

?>

we run this code on local host, the result is as attached screenshot "login.jpg" and after entering the username and password the result is as "error.jpg" attachment.

Please guide us, explain what's wrong.

  • Discussion of new authorization method (oAuth)
  • Discussion of new authorization method (oAuth)
68

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

hhamedk, You use our oauth form in wrong way - it won't work.
Тry to show form in separate window, like here http://sdk.wialon.com/playground/demo/app_auth_token
or in iframe, like here http://sdk.wialon.com/playground/uQRYKW7y/4

Head of Wialon Local Department
Gurtam
69

Discussion of new authorization method (oAuth)

(14/04/2016 11:34:25 отредактировано hhamedk)

Re: Discussion of new authorization method (oAuth)

Hi everyone

We are working on WL regarding our project. i want to know is it possible to change login (login.html) page in our WL server?
We need to design another login page we think as we are using WL (not WH) it may possible.

My another question is about access types under authentication. We could use Geofence Image command (http://sdk.wialon.com/wiki/en/sidebar/r … zone_image) in API with a token of 0x400 access type but now we receive "error 7" response. Is there any change in access types of system?

70

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

hhamedk пишет:

Hi everyone

We are working on WL regarding our project. i want to know is it possible to change login (login.html) page in our WL server?
We need to design another login page we think as we are using WL (not WH) it may possible.

sorry, in this topic just the authorization is discussed, if it's about white-labeling opportunities please contact your regional manager directly.

thanks.

Business Development Manager
Gurtam
71

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

hhamedk пишет:

Hi everyone

My another question is about access types under authentication. We could use Geofence Image command (http://sdk.wialon.com/wiki/en/sidebar/r … zone_image) in API with a token of 0x400 access type but now we receive "error 7" response. Is there any change in access types of system?

There were no changes in access types. This request should work. Make sure your user has enough access rights to resource with geofence.

Head of Wialon Local Department
Gurtam
72

Discussion of new authorization method (oAuth)

(07/09/2016 16:59:13 отредактировано davis.tom)

Re: Discussion of new authorization method (oAuth)

I'm trying to create a new notification and I'm getting access denied(erro 7) error.

Url used to create token:

http://hosting.wialon.com/login.html?client_id=App&access_type=-1&activation_time=0&duration=604800

instead of -1 as access type I tried  0x800- modification of sensitive data too.

Call used to create sid(eid) from the above result:

https://hst-api.wialon.com/wialon/ajax.html?svc=token/login&params={ "token":TOKEN}

With the above sid, call used to create notification: 

https://hst-api.wialon.com/wialon/ajax.html?svc=resource/update_notification&params={"itemId":13935212, "id":0, "callMode":create, "n":name1, "txt":dect1, "ta":2016-02-10, "td":2016-02-14, "ma":0, "mmtd":2, "cdt":2, "mast":2, "mpst":2, "cp":2, "fl":0x1, "tz":0, "la":EN}&sid=SID

I tried to get the account information with the below call and same error.

https://hst-api.wialon.com/wialon/ajax.html?svc=account/get_account_data&params={"itemId":USERID,"type":1}&sid=SID

Any idea what I'm missing?

73

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

davis.tom, itemId 13935212 - is Your user id?
To create notification You should pass there Your resource id.
The same for get_account_data request.

Head of Wialon Local Department
Gurtam
74

Discussion of new authorization method (oAuth)

(08/09/2016 08:05:08 отредактировано davis.tom)

Re: Discussion of new authorization method (oAuth)

deal пишет:

davis.tom, itemId 13935212 - is Your user id?
To create notification You should pass there Your resource id.
The same for get_account_data request.

Edit:

Thanks. Resource Id is "bact" parameter in svc=token/login call right? My value for "bact" is "13935213". I tried with it an now error 7 is gone. Got result for get_account_data call.

But now the error for resource/update_notification is error 4 with "bact" = "13935213". It looks like an issue unrelated to authorization. Will start a new thread and ask.

75

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

URGENT ! OAuth error ?

Yesterday morning at around 10:35 am (Eastern Time), all our data acquisitions using the Wialon REST API stopped working.

It seems to be a problem with OAuth.

Calling the login method, passing one by one all the permanent tokens we had, returned the error code '4'.

I regenerated new permanent tokens for my users via this url: http://hosting.wialon.com/login.html?sv … vc_error=7

Yet, my calls to the login method of the REST API keep on failing with the error code '4'.

By the way, I did verify that application tokens do appear on the Wialon console, so that's why I think there was an update or something your side which broke the way OAuth was working.

Can you please help me to solve this ?

Our customers are no longer receiving their data since yesterday morning.

Thanks

76

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

NTS, do you still have problems with invalid tokens? For more details You can provide user name and invalid token example (private message).

Head of Wialon Local Department
Gurtam
77

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hi everyone

May you explain css_url parameters under new authorization method in both advanced and simplified modes?
Please explain below parameters under simplified mode as well (i can't understand them in doc, please give me an example of usage):
1. cms_url
2. lite_url
3. mobile_url
4. title
5. demo_url

78

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hello, hhamedk.
Optional parameter css_url is for custom styling of simple and advances login forms (if You need to change colors, fonts, sizes etc). You can pass an url to externally hosted css file into this paramter.
As for other extra parameters (cms_url, lite_url, mobile_url, title, demo_url) see example here:
https://sdk.wialon.com/playground/demo/ … imple_form
With the help of cms_url (and cms_title - CMS Manager), lite_url (and lite_title - Wialon Lite), mobile_url (and mobile_title - Wialon Mobile) You can specify additional Wialon sites to be shown as links after login. You can login to these sites with one click - newly generated token will be used.
By default only one link to Monitoring site will be shown after login, and with the help of title parameter You can specify the name of this site.
If demo_url and demo_title parameters are passed - additional link is shown at the bottom of simple login form. This link gives ability for user to examine some site (e.g. Wialon Hosting) without entering any login and password. Format of demo_url should be like this: http://hosting.wialon.com/?token=<token> .

Head of Wialon Local Department
Gurtam
79

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Thanks for the detailed instruction.

What I can add here is that you need to set the proper flags to authorize the session ID to do as intended.

-1 is unlimited and good for beta testing, be careful when using this in production.

https://sdk.wialon.com/wiki/en/sidebar/ … cess_flags

80

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Hi, can anyone help , from where to get the resource ids? to pass in create/update/delete token function.

81

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

farith, hello. When you create token and skip or leave empty "items" parameter - token will have access to all items (including resources) that current user has. If you need to grant access to only specific items - you can initially execute core/search_items request with "itemsType" set to "avl_resource" and "flags" set to 1. As a result you'll get list of resources and then you can pass their ids to token/update request into "items" parameter.

Head of Wialon Local Department
Gurtam
82

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

hello,

i have some problem to get the token id with the new authorization ways, always failed less than 15 minute. so the monitoringscript to get the data stop also.
currently, re-login form to get the new token, but its wasting time

let me know, who was same the problem and solution. thanks
ohiya, i use wialon local 1704

  • Discussion of new authorization method (oAuth)
83

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Error 7 on searching item by ID

I have used below command after getting eid
https://hst-api.wialon.com/wialon/ajax. … b24aa7xxxx

But i am getting error 7



I have cretaed token with -1 flags
Not sure why my acees is denied

Can you please help?

84

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

siju, hello. May be you are trying to search for item that doesn't belong to you or you doesn't access to.
You can write pm with item id and your username to check this.

Head of Wialon Local Department
Gurtam
85

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Interesting, very interesting ( Gurtam wants me to reply to 3 topics before creating one... )

86

Discussion of new authorization method (oAuth)

Re: Discussion of new authorization method (oAuth)

Stuff... (I just need to reply to 3 different topics before being allowed to create one myself.)

87

Discussion of new authorization method (oAuth)

(01/02/2019 11:33:53 отредактировано Ivoiretic@2018)

Re: Discussion of new authorization method (oAuth)

Hello dear developers,
I have several wialon accounts and I would like you to help me get an API key and then get GPS data in JSON format. Until now the support is not able to give me a satifaisante answer.
Thank you for wanting to help me.

88

Discussion of new authorization method (oAuth)

(04/08/2020 22:10:26 отредактировано clue)

Re: Discussion of new authorization method (oAuth)

Hi. We can successfully get a token when we visit https://hosting.wialon.com/login.html using a browser.  However we would like to do so programatically.

I tried doing so using Postman and calling this URL:
https://hosting.wialon.com/login.html?l … p;app=Clue

and then passing the Password in Body using x-www-form-urlencoded, as key Password or password or passw, however none of these worked.

Is there a way to pass the password in the request, so that Wialon returns the token?

If you can please send a screenshot of a working implementation in Postman or a Postman collection that would be superb, otherwise any help here would be appreciated too.
Thanks.