Вы не вошли. Пожалуйста, войдите или зарегистрируйтесь.
Our problem is that we can't use WebView as i mentioned. Because username and password should set by Administrator not user or operator and also username and password sent from our server side in a encrypted file, application use file, read username and password, store them and use them for future login. So, should forgot WebView completely. But thanks.
Any other idea?
hhamedk If you have a session on your server side, you can create tokens by calling token/update method with callMode=create. After you can send them to your application and use them for future login.
We finally found a way. I call http://hosting.wialon.com/login.html and get response, then i extract sign from this response, then i set parameters and send for http://hosting.wialon.com/oauth.html, in response I get html string that contains "authorization success" . But i can't get token from response, i should get token from new url that android can't get it (or i don't know how). How can I get token in response?
This is wrong way. You shouldn't extract sign parameter and execute /oauth.html request by yourself. It is restricted and if it works now - you can't be sure that it will work tommorow. In your sites/apps you should use authorization form to generate token. If there is problem to show form in some app - you can generate infinite token (duration 0) with full access (access_type -1) and use it insted of login and password. Using this token you can authorize and do everything including generation of new tokens for subusers.
Is there a possibility to create a Token from CMS or Monitoring panel?
I have two question:
1. If we create a infinite Token is it possible to use it in our application as you mentioned? does Token work with any IP? Our application will install on an android smart phone and IP address will change time to time.
2. You developed new authentication way to increase security level. Don't you think creating a infinite Token has lower security level than even old authentication?
There is no such interface in CMS or Monitoring. You can only view or remove tokens in user's menu -> Manage Applications.
But you can generate such token using authorization form with such request:
http://hosting.wialon.com/login.html?cl … mp;flags=6
1. You can use generated token in any your apps on any IP.
2. We don't think so. Even infinite token can be removed anytime by owner.
New authorization method is much better and safer than old one.
We'll continue to make it better.
Hello,
We're trying to add the new OAuth autorization in your custom application who is running in background on our server, but we're have a bug and need you help on this issue.
For our application who is running in background on our server.
How we need to use the authorization method in background on our server ?
What is the code to use in background on our server ?
How we can have a warranty that we have obtain a token and our service continue to work in background ?
In your sites/apps you should use authorization form to generate token. (You can show it using WebView component or equivalent one)
If there is problem to show our form in some app - you can generate infinite token (duration 0) with full access (access_type -1) and use it insted of login and password.
Using this token you can authorize and get sid. And then your app can execute request using this sid.
You can refer to docs at http://sdk.wialon.com/wiki/ru/sidebar/r … ogin/login
and examples at http://sdk.wialon.com/playground/ (last 3 examples)
For our application who is running in background on our server.
Usually background services with deprecated core/login works in following way:
If you app work as writen, here's steps how to use new OAuth autorization:
We have several projects that uses this logic, everything works fine. Please ask if need some clarification.
Hi,
Do you have a sample of code in C# who use this logic to validate if the token has expired ?
Thanks
Regards
Do you have a sample of code in C# who use this logic to validate if the token has expired ?
Sorry, we dont use C#.
But logic is pretty easy: you have to check if 'error' key exists in token/login request. Here's pseudo code (just sample, not a real program)
// constants
url = "http://hst-api.wialon.com/wialon/ajax.html";
token = "79c8a862473fef040c011e5d40a36e3a4DA1F0E9ABF237D20E89AA7BAA4480FCBBA92915";
// RemoteApi request
request = Request(url + "?svc=token/login¶ms={token:'" + token + "'}");
// exec token/login and get response
response = request.send();
// parse response json
response = Json.parse(response);
// check "error" key exists
if (response.hasKey("error")) {
if (response.getValue("error") == 7 || response.getValue("error") == 8) {
// invalid token
return
} else {
// other login error, try to login again
}
} else {
// token is valid
}I use C# and I use the everlasting tokens option with below code to check and delete if too many tokens are created . Hope this helps
List<tokens> tokenslist = ser1.Deserialize<List<tokens>>((new WebClient()).DownloadString(urlCheckTokenCount));
if (tokenslist.Count > 900)//max allowed number of tokens per user is 1000, I use to delete them if they exceed 900;
{//will delete only tokens under this app name and this user
for (int i = 0; i < 900; i++)
{
string currenttokenappname = tokenslist[i].app;
if (string.Compare(currenttokenappname, appname) == 0)
{
string currenttoken = tokenslist[i].h;
if (string.Compare(currenttoken, token) != 0)//skip current token , delete all the rest,
{
string urlDeleteToken = wialonurlfix + "ajax.html?svc=token/update¶ms=" +
"{\"callMode\":\"delete\",\"userId\":\"" + userid + "\",\"h\":\"" + currenttoken + "\",\"app\":\"" + appname + "\",\"at\":0,\"dur\":0,\"fl\":256,\"p\":\"{}\",\"items\":[],\"deleteAll\":\"\"}";
string tokendel = (new WebClient()).DownloadString(urlDeleteToken);
}
}
}
}
Hi Everybody.
We are having problems with JAVA API loggin.
Anyone could help me to login again using the new way (not with JavaScript)
This is the code we are using:
private void login()
{
session.initSession("https://hst-api.wialon.com"); //http://kit-api.wialon.com http://hst-api.wialon.com http://track.folgen.mx "https://hst-api.wialon.com"
System.out.println("Inicio");
session.login("","", new ResponseHandler() {
@Override
public void onSuccess(String response) {
super.onSuccess(response);
System.out.println(String.format("El usuario es: %s", session.getCurrUser().getName()));
//JOptionPane.showMessageDialog(null,"Conectado");
searchGroups();
}
@Override
public void onFailure(int errorCode, Throwable throwableError) {
super.onFailure(errorCode, throwableError);
System.out.println(Errors.getErrorText(errorCode));
//logout();
//JOptionPane.showMessageDialog(null,"Error");
}
});
}
Desarrollo, please update your Java SDK to the latest version from GitHub and use
Session.loginToken()method instead of
Session.login()Hello Kopa!
I'm using the wialon-sdk- 1.2.39.jar, do you have the lastest version? or how can to update this code?
Hi Everybody!!
Somebody knows if the jar file to JAVA API will be liberate with the most recently update ? i use the wialon-sdk-1.2.39.jar
Hi Everybody!!
Somebody knows if the jar file to JAVA API will be liberate with the most recently update ? i use the wialon-sdk-1.2.39.jar
there is the last version on GitHub
try to apply method as recommended above
Desarrollo
Yes, please download latest version from attachments. We'll update this at sdk.wialon.com as soon as possible.
wialon-sdk-1.3.57.jar 147.1 Кб, файл был скачан 472 раз(а)
Hi Kopa!!
Thank you so much for provide the jar file.
Approximately when will have the updated documentation? We need to delivery these days and require this documentation, or if we can provide the new way to authenticate would be helpful. I'm develop by the code simple in http://sdk.wialon.com/wiki/en/sidebar/j … les/search
I hope your comments.
Thanks in advance.
Desarrollo
Wialon Java SDK and examples updated at sdk.wialon.com, please see updated example which use loginToken method.
Thank you Kopa!!
I have a questión, token parameter will be static? , not exist method to generate token?, ¿Where i have to generate this token? i paste the code
session.loginToken("2fe8024e0ab91aa6c8ed82717b71bddcECDC362358DF7D90986F5173D405CD0D42DE7B38", new ResponseHandler() {....
I hope your comments!
Thanks!
If you want to use static token, please see post#36
...
Generate token - only once
To get token you can use playground sample or directly this form. Please check that access_type grant enough rights (use access_type=-1 to grant full rights) and duration=0 (infinite token, the only restriction - use it for login minimum once per 100 days).
...
Otherwise you should use authorization form in your application to generate token, please see post #1
Hi,
We are trying to integrate the new authorization in our phonegap application using javascript but we are not able to get it through. Window event message is not getting called.
Please let us know option to integrate new authorization in phonegap.
thanks in advance.
regards,
vinod