Configurable SSO endpoint

[copyliu]

https://github.com/seraphx2/ESI.NET/blob/606edd432ab0bef42ec9ce7ba56d007630057eb3/ESI.NET/Logic/_SSOLogic.cs#L31

It seems SSO endpoint isn't configurable, I think a configurable SSO endpoint will good for testing SISI stuff or for Serenity

[seraphx2]

Can you give an example? I don't quite follow. I am unfamiliar with what would need to be done to do so.

[samuelgrant]

You are also missing the ability to use SSO V2 (See ESI Docs).

The major thing you are missing is a /v2/ flag the URLs. This will need to be added before developers can make use of the new OpenID workflow.

https://github.com/seraphx2/ESI.NET/blob/e1c2b9b9c4ce47df1d189ac2edbfd012b6a45fd3/ESI.NET/Logic/_SSOLogic.cs#L31

Edit: I don't see a state getting set in the CreateAuthenticationUrl method. A state is required for the v2 login flow.

[seraphx2]

Thanks. I'll be reviewing the PRs I got concerning the SSO Link generator and updating ESI this weekend if it all checks out. Been super busy this week and haven't had time after work to take a look.

Thanks for taking the time to put this together.

[copyliu]

the v2 URL was in my staging but not committed, I am reviewing what will affected after upgrade to V2 SSO, they said v2 is not stable enough (https://docs.esi.evetech.net/#sso---read-this-notice-first) ..

and if decided upgrade to V2 SSO, I think we must implement some JWT verification too

[seraphx2]

ahh this is stuff I have not had to deal with yet at work or personally lol Thanks for the link

[samuelgrant]

V2 SSO is still very much in development but the core features seem to be stable enough for use now, there are some features that are not yet working (see the link above). However, this authentication services is now in use in some applications including EveMon. It is worth adding support for /v2/ in the library when possible, though I would recommend your library uses V1 unless explicitly set to use /v2/.

The reason I've written code on my fork is because I needed the /v2/ route for getting tokens so I could create an authorizedCharacter object for certain ESI Endpoints. As I mentioned in my pr #25 I forgot to add support in the Verify method to work with /v2/ and to verify the JWT so I need to do that when I get the chance.