Community

Proxy settings - Drive Directions

2651
3
Jump to solution
12-12-2013 01:19 PM
DaveOrlando
by
Occasional Contributor III
‎12-12-2013 01:19 PM
with the depreciation of tasks.arcgisonline this month we are trying to switch to the route.arcgis.com instead, this is now a payservice so we're trying to follow the proxy example from GitHub.

https://github.com/EsriCanada/proxy-oauth
https://github.com/EsriCanada/application-boilerplate-driving-directions-js

There are so many places to change setting that I have completely tied myself in knots.

First off: Is it possible to pass our AGOL credentials so public users will never have to log-in?
If NOT please tell me!

If so, what settings do I change. There are places in:
boiler/config/default.js
proxy/proxy.config
proxy/web.config

Do I need to hardcode my AGOL username / password somewhere?
I've been told I need to register my app to get an appID and secret although this is strange to me because it is a local app so why/how do I register an app on my server with with AGOL
What do I use for the referer?, keep localhost or my ISS root or application path or server name/IP

I feel like there are many ways to use a proxy and each example is different although much of the terminology is being repeated when it shouldn't be.

As mention at the top, the old routing is disappearing so I expect there will be high demand for a clear answer.

Thanks
1 Solution

Accepted Solutions
DaveOrlando
by
Occasional Contributor III
‎12-16-2013 07:04 AM
Hello all, I got this working so here is my review.

The help doc that finally hit the mark is this
http://resources.arcgis.com/en/help/arcgis-rest-api/index.html#/Accessing_services_provided_by_Esri/...

The main issues I had were that I was trying to authenticate with the wrong service. Most proxy examples are using this URL to get the token, (and this may still be possible but I didn't have luck with it)
https://www.arcgis.com/sharing/genrateToken

The example above, for OAuth uses this token generator
https://www.arcgis.com/sharing/oauth2/token

I also had a harder look at the code within the proxy and realized that it had to be adjusted to accommodate the new URL, basically just adjust the query string that calls for the token (stuff like changing 'username' to 'client_id' to match the url in Step7 of the help doc above)

Something else that messed me up when someone tried to explain it to me was the (Step 3) Create New Application. The process just didn't sound logical to me and I was fighting to know how it related to my local app. This 'New Application' has 100% nothing to do with your local application, it is just an ID and secret generator tied to your AGOL account. It should be renamed to 'OAuth Credential Generator' period.

I also forgot to mention that I was first trying this with a small html JavaScript project, but these successful steps were with my Silverlight app (which was my final goal anyways) but hopefully this is still relevant to this forum.

Here is some code too (I added 'client_id' & 'client_secret' attributes to the 'SeverItem' class)
proxy.config
<serverItem url="http://route.arcgis.com/arcgis/rest/services" matchAll="true"
               client_id="<client_id>" client_secret="<client_secret>" permitted_referer="http://localhost"
               tokenUrl="https://www.arcgis.com/sharing/oauth2/token" />


proxy.ashx
 if (theToken == null)
                        {
                            string tokenServiceUrl = string.Format("{0}?client_id={1}&client_secret={2}",
                                si.TokenUrl, si.Client_id, si.Client_secret);

                            int timeout = 60;
                            if (si.Timeout > 0)
                                timeout = si.Timeout;

                            tokenServiceUrl += string.Format("&expiration={0}", timeout);
                            DateTime endTime = DateTime.Now.AddMinutes(timeout);

                            tokenServiceUrl += "&grant_type=client_credentials";


I split the returned token to get just the token string, I'm sure there is a better way to do this but this was the first time dealing with a json response
 if (string.IsNullOrEmpty(token))
            token = generateToken(uri);
        
        string[] sTokenParts = token.Split('"');

        if (!String.IsNullOrEmpty(token))
        {
            if (uri.Contains("?"))
                uri += "token=" + sTokenParts[3]; //token;


take home lesson, never assume all proxy code is plug and play, they must be adjusted for your purpose.

View solution in original post

0 Kudos
3 Replies
JohnGravois
by
Frequent Contributor
‎12-13-2013 07:16 AM
hi dave,

Is it possible to pass our AGOL credentials so public users will never have to log-in?

its definitely possible to authenticate on behalf of end users to access subscription services so no one has to sign in when they use your app

i haven't worked with the EsriCanada proxy specifically but ill try and breakdown the issues in play.

Do I need to hardcode my AGOL username / password somewhere?

there are several options. 

1. you can store a hardcoded token in any old proxy and make sure to update it every two weeks
2. you can store a username, password and referrer and generate a user token on the fly
3. you can register your app with ArcGIS Online and store the appid and appsecret in your proxy so that the app itself can request a token and be charged credits directly.

What do I use for the referer?

the referrer you should be using is the url of your app, because requests from your app to route.arcgis.com will include this referrer to explain to the service where the request originated.
0 Kudos
DaveOrlando
by
Occasional Contributor III
‎12-16-2013 07:04 AM
Hello all, I got this working so here is my review.

The help doc that finally hit the mark is this
http://resources.arcgis.com/en/help/arcgis-rest-api/index.html#/Accessing_services_provided_by_Esri/...

The main issues I had were that I was trying to authenticate with the wrong service. Most proxy examples are using this URL to get the token, (and this may still be possible but I didn't have luck with it)
https://www.arcgis.com/sharing/genrateToken

The example above, for OAuth uses this token generator
https://www.arcgis.com/sharing/oauth2/token

I also had a harder look at the code within the proxy and realized that it had to be adjusted to accommodate the new URL, basically just adjust the query string that calls for the token (stuff like changing 'username' to 'client_id' to match the url in Step7 of the help doc above)

Something else that messed me up when someone tried to explain it to me was the (Step 3) Create New Application. The process just didn't sound logical to me and I was fighting to know how it related to my local app. This 'New Application' has 100% nothing to do with your local application, it is just an ID and secret generator tied to your AGOL account. It should be renamed to 'OAuth Credential Generator' period.

I also forgot to mention that I was first trying this with a small html JavaScript project, but these successful steps were with my Silverlight app (which was my final goal anyways) but hopefully this is still relevant to this forum.

Here is some code too (I added 'client_id' & 'client_secret' attributes to the 'SeverItem' class)
proxy.config
<serverItem url="http://route.arcgis.com/arcgis/rest/services" matchAll="true"
               client_id="<client_id>" client_secret="<client_secret>" permitted_referer="http://localhost"
               tokenUrl="https://www.arcgis.com/sharing/oauth2/token" />


proxy.ashx
 if (theToken == null)
                        {
                            string tokenServiceUrl = string.Format("{0}?client_id={1}&client_secret={2}",
                                si.TokenUrl, si.Client_id, si.Client_secret);

                            int timeout = 60;
                            if (si.Timeout > 0)
                                timeout = si.Timeout;

                            tokenServiceUrl += string.Format("&expiration={0}", timeout);
                            DateTime endTime = DateTime.Now.AddMinutes(timeout);

                            tokenServiceUrl += "&grant_type=client_credentials";


I split the returned token to get just the token string, I'm sure there is a better way to do this but this was the first time dealing with a json response
 if (string.IsNullOrEmpty(token))
            token = generateToken(uri);
        
        string[] sTokenParts = token.Split('"');

        if (!String.IsNullOrEmpty(token))
        {
            if (uri.Contains("?"))
                uri += "token=" + sTokenParts[3]; //token;


take home lesson, never assume all proxy code is plug and play, they must be adjusted for your purpose.
0 Kudos
JohnGravois
by
Frequent Contributor
‎12-16-2013 07:44 AM
dave,

glad to hear you have what you need.  i agree with most of your comments with the exception of renaming the application registration process to call it 'OAuth Credential Generator'.  while this is certainly true in your case, other people are writing apps that ask users to sign in to access subscription/secure content, and using a different OAuth technique to broker the authentication.

either way, thanks for taking the time to convey what you learned back in this thread.  it will certainly be helpful info for others.
0 Kudos