originally posted in:BungieNetPlatform
Authentication - Main : http://pastebin.com/pQTH7WR7
Read this one ass well since PSN changed the AUTH flow: https://www.bungie.net/en/Clan/Post/39966/119730323/0/0
English
-
I wonder if you'd be willing to help explain this to me as I've been fighting with it for days... So, I use this same code. This function just logs in with Bungie and saves the cookie to a file and return true/false based upon its successful login. From there, I'm lost. Is the bungled value always in this cookie file to pass for the X-CSRF? If so, why does it disappear from this file if the auth function is run more than once? I assume something to do with already being authenticated. Do I need to pass this whole cookie file with each request or just specific information from the file? Like I'm just struggling to figure it all out. How do I get this cookie information and call the private endpoint simultaneously? Bah! I've scored tons of pages/posts in this forum. I've scored the wiki repeatedly. I just can't figure this out.
-
I've changed the script slightly here: http://pastebin.com/uCuzMkKp ( Curl fails on this workstation ) I'm using the psn login method and dont see the 'bungled' getting changed or deleted, it should no be deleted since this is a required parameter. When getting the data from the API you must provide the entire Cookie file like in the example ( The Curl will handle your cookies! ) - curl_setopt ( $ch, CURLOPT_COOKIEJAR, $cookie_file ); - curl_setopt ( $ch, CURLOPT_COOKIEFILE, $cookie_file ); I've got a API test for myself: http://www.rickdeman.nl/platform/destiny/apitest.php ( is moved and described somewhere in the forum ) this will check: Headers, Cookies & GET Hope this will help!
-
So - you are amazing. Thank you! So much! Between your response and another demonstration I found in the Wiki I was able to get it working! I was not able to test my script with your API test. It constantly said that my x-csrf did not match the cookie. I could view the cookie file (local) and view the headers printed from your script and they did match - so not too sure what I did wrong. However, I am now successfully authenticating and pulling from private endpoints. @Rikkert2x. Thank you so very much!
-
Edited by k20stitch: 5/18/2015 5:06:22 PMThanks a lot!