https://www.ory.sh/ logo
Join Slack
Powered by
Hey there! I have a question as I'm not very famil...
# general
s
Hey there! I have a question as I'm not very familiar with Ory, and I'm a bit lost in the documentation. I would like to implement Ory in the Unity Engine and use the Ory API for user authentication. Is there any documentation or step-by-step guide explaining how to set up Ory in Unity Engine? Thank you in advance!
d
Does the .net SDK work with Unity? If not you could use OpenAPI Codegen to build a C# / Unity SDK.. or you can just make http requests to kratos yourself https://github.com/ory/sdk/blob/master/clients/client/dotnet/README.md
👍 2
g
I had a similar problem recently as I'm implementing Ory auth in a UE plugin. I went with the OAuth2 Authorization Code flow and an embedded/system browser. I call the Rest API myself though, particularly 
oauth2/auth
for the exchange code and 
oauth2/token
for the access token. There is some setup to do on the Ory Project, such as creating a OAuth Client.
s
Hey, thanks for the responses! I'd be more interested in getting the Ory's .NET SDK to Unity. I was able to download all the packages with its dependencies to blank C# project. Is it possible to move all of that to Unity project? Also how could I use/call Rest APi from C#.
So I managed to generate a flow id using Unity's web requests:
Copy code
UnityWebRequest request = UnityWebRequest.Get("'ory-http/self-service/registration/api");

yield return request.SendWebRequest();

FlowResponse flowResponse = JsonUtility.FromJson<FlowResponse>(request.downloadHandler.text); // Flowresponse contains just 'id' field
But I'm somehow getting an error response from registering user. It says "...Could not find a strategy to sign you up with. Did you fill out the form correctly?" This is my code:
Copy code
string completeRegistrationUrl = $"{ory-http/self-service/registration?flow={flowId}";

            RegistrationRequest requestObject = new RegistrationRequest
            {
                traits = new Traits
                {
                    email = email,
                    username = "name",
                },
                password = password
            };

            string jsonBody = JsonUtility.ToJson(requestObject);

            Debug.Log($"Registration JSON: {jsonBody}");

            UnityWebRequest request = new UnityWebRequest(completeRegistrationUrl, "POST");
            byte[] bodyRaw = System.Text.Encoding.UTF8.GetBytes(jsonBody);
            request.uploadHandler = new UploadHandlerRaw(bodyRaw);
            request.downloadHandler = new DownloadHandlerBuffer();
            request.SetRequestHeader("Content-Type", "application/json");

            yield return request.SendWebRequest();

            if (request.result != UnityWebRequest.Result.Success)
            {
                Debug.LogError($"Error sending request: {request.error}");
                Debug.LogError($"Response code: {request.responseCode}");
                Debug.LogError($"Response: {request.downloadHandler.text}");
                yield break;
            }
Any ideas?
Ok, got the registration working. Now if I want to login, I receive this error:
Copy code
{
  "error": {
    "id": "security_csrf_violation",
    "code": 403,
    "status": "Forbidden",
    "request": "134a2d69-553a-9bb0-9baa-68b55707c866",
    "reason": "Please retry the flow and optionally clear your cookies. The request was rejected to protect you from Cross-Site-Request-Forgery (CSRF) which could cause account takeover, leaking personal information, and other serious security issues.",
    "details": {
      "docs": "<https://www.ory.sh/kratos/docs/debug/csrf>",
      "hint": "The anti-CSRF cookie was found but the CSRF token was not included in the HTTP request body (csrf_token) nor in the HTTP Header (X-CSRF-Token).",
      "reject_reason": "The HTTP Cookie Header was set and a CSRF token was sent but they do not match. We recommend deleting all cookies for this domain and retrying the flow."
    },
    "message": "the request was rejected to protect you from Cross-Site-Request-Forgery"
  }
}
d
are you adding the hidden 
csrf_token
field to the submission?
s
Hey @dazzling-napkin-4938 I'm not adding a csrf_token. This field is also empty/ without value if I request for a GET method on .../self-service/login. Should I somehow manually handle this?
d
so disclaimer - I’ve never really worked with Unity so I don’t know the ins and outs. With the kratos sdk are you doing native or browser flows? That error sounds like Kratos has set a csrf cookie, which your web client is subsequently sending through to kratos, but you don’t have the matching csrf_token in your form submission. 
csrf_token
being blank in the form is normal for native flows. You’d need to inspect the requests between you and kratos I think, or maybe someone from the Ory team might understand what’s going on better
s
Hey @dazzling-napkin-4938, I solved my issue. I was packing JSON data incorrectly, but somehow I was getting the csrf violation error. I managed to pack the data correctly and now I can login with ease. Thanks for help!
d
nice 1
24 Views
Open in Slack
PreviousNext
Powered by