RAMPAGE OAuth
RAMPAGE provides an OAuth system that is free to use for our community!
Login
Redirect a user to id.rampagestudios.org/login/sso
with query ?return_url=returnwebsite&scopes=abc
.
Replace scopes with the data you want to get returned to you.
Replace return_url with your PHP script to receive the user data.
Scopes and return_url are required for it to work
Scopes
Roblox Scopes
-
roblox_username
Roblox username -
roblox_display
Roblox display name -
roblox_id
Roblox user id -
roblox_avatar_url
Roblox avatar (URL) -
roblox_description
Roblox description -
roblox_banstatus
Roblox Ban Status (boolean) -
roblox_username_history
Roblox Username History -
roblox_groups
Roblox Groups you are in
RAMPAGE Scopes
-
rampage_id
RAMPAGE User ID -
rampage_email
RAMPAGE Email
Target Scopes
-
target_roblox
Must add this if you need roblox scopes (roblox_id, roblox_ username, etc) -
target_rampage
Must add this if you need rampage scopes (rampage_id, rampage_email, etc)
If the target scopes are NOT added, you can’t interact with oAuth server to get the data.
Example: https://id.rampagestudios.org/login/sso?return_url=https://example.com/return.php&scopes=target_roblox,roblox_username
Properly encoded:
https://id.rampagestudios.org%2Flogin%3Freturn_url%3Dhttps%3A%2F%2Fexample.com%2Freturn.php%26scopes%3Droblox_username&3Dtarget_roblox
To url encode, I recommend using this website or use this PHP method:
$myurl = "https://id.rampagestudios.org/login/sso?return_url=https://example.com/return.php&scopes=target_roblox&roblox_username";
echo urlencode($myurl);
// Returns
// https://id.rampagestudios.org%2Flogin%3Freturn_url%3Dhttps%3A%2F%2Fexample.com%2Freturn.php%26scopes%3Droblox_username&3Dtarget_roblox
Handle Responses after return
Success
If the login is successful, the user will be redirected to the return_url with an access key.
Example:
https://example.com/return.php?success=true&target_roblox_key=abc
abc
is the example access key. Once you get the key, you are able to make a POST request
to RAMPAGE servers & request access to the data. Once the user is returned, your server has up to 2 minutes to make that request, otherwise, that data will be invalidated.
Key is named: target_platform_key. So if you use scope target_roblox it will be target_roblox_key.
If you are requesting login for more than just one platform, for example target_rampage, It will return target_rampage_key and target_roblox_key. Each key is unique and have there own timers.
We are in process of adding more platforms.
Make a POST request to:
https://api.rampagestudios.org/v1/oauth/request/index.php
with json body:
{"key":"abc","platform":"target_roblox"}
Platform is the target scope for the specific platform you had your customer login for.
Key IS case sensitive.
Our servers will return JSON back to your POST Request.
key
is generated key we gave to your user who logged in.
Error
The error will occur when a user declines the authorization, no account is found, pending verification, or no Roblox account. Make sure to check with $_GET
to make sure the login was a success.
https://example.com/return.php?failed=true
Request Data after Authorization
Make your requests to:
https://api.rampagestudios.org/v1/oauth/request/index.php
Success
This is the returned JSON sent to you if the login was a success.
(This is a example with the scopes: roblox_username
, roblox_id
, and roblox_avatar_url
)
{"success":true,"roblox_username":"Roblox","roblox_id":1,"roblox_avatar_url":"roblox.com/avatar.png"}
Error
The error will occur when an invalid key has been entered.
{"success":false, "reason":"bad call"}
PHP Example
<?php
session_start();
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
function generate()
{
return sprintf('%04X%04X-%04X-%04X-%04X-%04X%04X%04X', mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(16384, 20479), mt_rand(32768, 49151), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535));
}
// Format URL
$scopes = array("target_roblox", "roblox_username", "roblox_display", "roblox_id", "roblox_avatar_url"); // Add scopes you want here.
$return = "https://demo.vq9o.com/oauth/index.php"; // Return here.
// Format the URL (Do not touch)
$scopes = implode(',', $scopes); // Format to comma-seperated-value
$url = "https://id.rampagestudios.org/login/sso?scopes=" . rawurlencode($scopes) . "&return_url=" . rawurlencode($return);
// Handle URL
if (!empty($_GET["logout"])) {
echo "<b>Logged out!</b>";
setcookie(session_name(), '', 100);
session_unset();
session_destroy();
$_SESSION = array();
}
function GET($url, $fields)
{
$ch = curl_init($url);
$payload = json_encode($fields);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($ch);
return json_decode($result);
curl_close($ch);
}
if (!empty($_GET["target_roblox_key"])) {
$GeneratedCheckURL = "https://api.rampagestudios.org/v1/oauth/request/index.php";
$Fields = [
"key" => htmlspecialchars($_GET["target_roblox_key"]),
"platform" => "target_roblox"
];
$data = GET($GeneratedCheckURL, $Fields);
if ($data->success == true) {
$_SESSION["rampage_oauth_session"] = $data;
echo "<b>Authorized!</b>";
echo "<p>JSON:</p>". json_encode($data);
} else {
echo "<b>Login authorization key is expired!</b>";
}
} else {
if (!empty($_GET["failed"])) {
if (htmlspecialchars($_GET["failed"]) == true) {
echo "<b>Login failed due to: Pending Verification, No Account Found, No Roblox Account, or another error.</b>";
}
}
}
?>
<html>
<link rel="stylesheet" href="https://rampage.host/bulma.css">
<link rel="stylesheet" href="https://demo.vq9o.com/oauth/style.css">
<link rel="stylesheet" type="text/css" href="https://rampage.host/bulma_tooltip.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Manrope:[email protected];800&display=swap">
<nav class="navbar is-white topNav">
<div class="container">
<div class="navbar-brand">
<a class="navbar-item">
<p>Roblox <b>OAuth</b></p>
</a>
</div>
<div class=" navbar-end">
<div class="navbar-item">
<?php
if (empty($_SESSION["rampage_oauth_session"])) {
echo '<a class="button is-light" href="'. $url .'"><img height="25" width="25"
src="https://rampage.host/roblox.png" alt=""> Login</a>';
} else {
echo '<a class="button is-dark is-outlined" href="'. $return .'?logout=true"><img height="25" width="25"
src="https://rampage.host/roblox.png" alt=""> Logout</a>';
echo '<p class="image is-32x32 has-tooltip-bottom" data-tooltip="'. $_SESSION["rampage_oauth_session"]->roblox_username . '">
<img src="'.$_SESSION["rampage_oauth_session"]->roblox_avatar_url. '">
</p>';
}
?>
</div>
</div>
</div>
</nav>
</html>
Javascript Example
const express = require("express");
const http = (...args) => import('node-fetch').then(({default: http}) => fetch(...args));
const cookieSession = require('cookie-session')
const app = express();
const PORT = process.env.PORT || 8080;
const scopes = ["target_roblox", "roblox_username", "roblox_display", "roblox_id", "roblox_avatar_url"];
app.use(cookieSession({
name: 'rampage_oauth_session',
keys: ["securekey123"],
maxAge: 24 * 60 * 60 * 1000 // 24 hours
}));
app.get("/", (req, res) => {
if (!req.session.rampage_oauth_session.loggedin) return res.redirect(`http://localhost:${PORT}/login`);
res.redirect(`http://localhost:${PORT}/dashboard`);
});
app.get("/dashboard", (req, res) => {
if (!req.session.rampage_oauth_session.loggedin) return res.redirect(`http://localhost:${PORT}/login`);
res.send(req.session.rampage_oauth_session.data)
});
app.get("/logout", (req, res) => {
if (!req.session.rampage_oauth_session.loggedin) return res.redirect(`http://localhost:${PORT}/login`);
req.session = null;
res.send("Logged out!")
});
app.get("/authorize", (req, res) => {
const target_roblox_key = req.query.target_roblox_key;
if (!target_roblox_key) return console.log("No key found");
const response = await fetch('https://api.rampagestudios.org/v1/oauth/request/index.php', {
body: {
key: target_roblox_key,
platform: "roblox"
}
});
const data = await response.json();
if (!data.success) return console.log("Failed to verify success");
req.session.rampage_oauth_session.loggedin = true
req.session.rampage_oauth_session.data = data
res.redirect(`http://localhost:${PORT}/dashboard`);
});
app.get("/login", (req, res) => {
const scopesFormated = scopes.join(",");
const returnURL = `localhost:${PORT}/authorize`;
const redirect = `https://id.rampagestudios.org/login/sso?scopes=${encodeURIComponent(scopesFormated)}&return_url=${encodeURIComponent(returnURL)}`;
res.redirect(redirect);
});
app.listen(PORT, () => {
console.log(`Server is running on port ${PORT}.`);
});