Control Game-state from an internet browser.

Right, but what we don't have is a way to open a URI directly in PA.exe

Have you ever seen the mailto://someaddress@somesite.com links before? They are set to open the link in whatever program has registered with that "mailto" label. We really need PA.exe to be able to open links like that.

you could also make the system sharing have an external program as well, and let that communicate with the links. That would be quite roundabout though, and I don't know how effective it would be.

Still no easy way to send the data to PA.exe. Like DeathByDenim said, it could be done if that external program modified a file in the mod directly, but that gets messy.

Yes I can access the user password (I don't in reality and never will), but that does not help me at all.
I need a way to verify that the data I get is from user X, but the data is send from a javascript written mod, with no encryption and it can be easily modified.
Without support from PA I do not see a way to get that right. Ofc I could create my own account system, but what would be really awesome would be to use the PA login instead for obvious usability reasons.

If that works, we could make an auth_manager mod that other mods can require. I would be interested in using it in my system sharing mod too.

Maybe I don't understand how that link actually works, can anybody explain?

It seems "https://uberent.com/User/Login" takes three parameters. I don't know what titleId does, but redirectUrl in decoded format is http://pa.lennardf1989.com/Tracker/...0cDovL3BhLmxlbm5hcmRmMTk4OS5jb20vVHJhY2tlci8=
(not sure if I translated that correctly, but something like that)
And the returnUrl is base64 encoded, which translates to http://pa.lennardf1989.com/Tracker/

My guess it that the uberent.com/User/Login script will make a call to http://pa.lennardf1989.com/Tracker/index.php with some fancy field in either GET or POST to tell you if the authentication was successful, but that will require some more testing.

Reversing that would be pretty fancy.

I see where you're going here and I don't think this is the right approach. As reversing it is possible, we should consider this a BigData problem.

Reading up on the following blogpost, http://forrestthewoods.com/the-tech-of-planetary-annihilation-chronocam/. We can assume that the PA-Client is stupid. They've adopted a Server/Client Architecture. This is good for a few things. It means a lot of what we are asking for is very possible. We can make that assumption because of the way they've implemented the ChronoCam. Specifically, the curve and how the 'curve' communicates data from the server to the client.

We can also make two additional assumptions, the client is the View. The server is the Model, and anything we make is the controller. Classic MVC.

We now have to step back and figure out how much control Uberent will allow 3rd party applications.

Lets build a database.
User: username, password, email
Game: game-uuid, game-name, users, teams, teamn-assingnments

We now want to access this from our 3rd party system, uberent would have to implement OAuth2[1]. This would give us a token to all user data made available to us. We can now make calls to a web-service that will inturn return a game-token that would make a game-session playable by some matched users.

Since we're using a webservice to create the matchmaking and we're using OAuth2, we can assume that everything will be accessible over the internet via HTTP/DNS[2].

We'll now make HTTPRequests like so:
GET /stats/:userid
GET /stats/:gameid
POST /game/create/
{'gamesession-id'} # which then we load into an anchor[3] and it controls the PA.exe client.

From there, we can create a matchmaking algorithm, query the Game-Server-Cluster to create a new gamesession, and then direct the user to initiate the game.

Think Facebook apps, Twitter apps, whatever apps. A SDK that will allow you to get to the User-Data-Graph. Those 3rd party apps are really just mini-controllers.

[1] OAuth2
http://tools.ietf.org/html/rfc6749

[2] DNS
http://en.wikipedia.org/wiki/Domain_Name_System
[3] Anchor
http://www.w3.org/TR/html401/struct/links.html#edef-A

-napperjabber

I am all for oauth or similar. However if we can reverse the login link of ubernet right now that would be cool as well. I could add a simple verification to PA Stats, securing it from all kind of attacks.

So, I've been playing with this today, but I got a bit stuck. What I have so far:
You can get the login form to send a session ticket to you website like so:
https://uberent.com/User/Login?titleId=42&redirectUrl=http://jarno.ca/test/test.php
When I do that, I get presented with the log on screen for my Ubernet account. (titleId=42 means Planetary Annihilation as far as I can tell). Upon a successful login the login form redirects me to the redirectUrl I supplied. An extra parameter is added to redirectUrl, namely "sessionTicket" using GET. In my case, it's:
http://jarno.ca/test/test.php?sessionTicket=12345123451234512345
The sessionTicket is a 20-digit number that presumably can be verified by an API call to the forum software (and get you the username). That's where I got stuck, since I don't know which URL to call for that. I tried:
https://uberent.com/User/Validate
https://uberent.com/User/ServiceValidate
https://uberent.com/User/Check
https://uberent.com/User/Authenticate

Any guesses?

Might want to ask @LennardF1989. Didn't he set up the bugtracker originally?

But where is the fun in that?

You're right of course, he did. If someone want to set up the authentication thingy, they would need to contact him for the missing details.

I'm getting my map preview service to work, can anybody say if "--uiurl" still working in any way?
I just want make game client open system editor on startup without modification of UI.

Crashed PA when I tried it a couple weeks ago. Unless they brought it back, I think it's gone.

It's crash with particular error:

Code:

terminate called after throwing an instance of 'std::runtime_error'
  what():  pathname must be absolute

So actually it's need valid path in filesystem and it's looks like SupCom-like directory mount.
E.g on Linux if you copy "/media/ui" directory to "/tmp" for example, and then remove or rename original "media/ui" you can make game mount UI from different directory with "./PA --uiurl=/tmp/ui".

It's not actually something I need, but it's work. I'll try to create lightweight UI boot that will start with system editor, let's see how this will work.

there's now a --paurl commandline option:



Not sure if that's any help.

I found a way to pass in an arbitrary string.

pa.exe --username "science works"

The value of username appears to be unused by PA. However it can be retrived in the UI layer like this in start.js:handlers.setup_info

console.log(payload.username);

Has there been any progress on this? I need it now because @clopse and @neptunio have gone insane and are actually manipulating data send to PA Stats. I'd REALLY like to use the ubernet login system to authenticate users and be able to ban them simply by ubername.

You guys got close, but I'm not making it easy for you Even if you would guess the right URL, it wouldn't work unless you send specific headers along with your request (an API key). This all happens on the server (be it PA Tracker or the forum), hence you can't intercept it.

I'll see what I can arrange for you guys, in worst case I can provide an API myself as a temporary solution, as the current one provides information for the forum which is irrelevant for other use, the PA tracker just "abuses" it as an endorsed official platform, information never leaves my servers.