How to use EOS ticketing in-game? blocked by cloudflare as I don't have a cookie

Development Programming & Scripting Multiplayer & Networking
, , , , ,
1

Hey,
I am trying to implement ticketing from our game to collect player feedback and saw there is some existing solution from EOS.
I have been following the docs on:

https://dev.epicgames.com/docs/epic-online-services/player-and-game-data/ticketing-system

had a working postman example easily with the auth token from the dev portal.
I have tried to implement it in-game so useres can provide feedback.

I could not get this to work as it seems I am blocked by cloudflare(403) as I do not have a cookie(all other headers are good, if I add the postman generated cookie for example - it works).
it states in the docs that it can be used from the game client, but I could not find a way to make it work reliably.

I did verify the request body is as expected from the log and took it as is to postman.

Below is my code. Any help is highly appreciated. what is the needed approach here?

void UTrvPlayerFeedbackBFL::SubmitPlayerFeedback(APlayerState* PlayerState, const FString& Message)
{
	FString Url = TEXT("https://dev.epicgames.com/portal/api/v1/services/tickets/submit/");
	const FString& UserName = PlayerState->GetPlayerName();
	const FString& UserId = PlayerState->GetUniqueId().ToString();


	// web api Auth token from config
	const FString AuthToken = TEXT("AuthToken");

	// Build JSON payload
	TSharedPtr<FJsonObject> JsonObject = MakeShareable(new FJsonObject);

	JsonObject->SetStringField("subject", "technical-support");
	JsonObject->SetStringField("message", Message);

	JsonObject->SetStringField("sender_email",TEXT("userFeedback@email.com"));
	JsonObject->SetStringField("sender_name", UserName.IsEmpty() ? TEXT("Player") : UserName);

	// EOS / Steam ID
	JsonObject->SetStringField("guid", UserId);

	// Optional system info
	JsonObject->SetStringField("error_code", "none");
	JsonObject->SetStringField("system_os", FPlatformProperties::IniPlatformName());
	JsonObject->SetStringField("system_antimalware", "unknown");
	JsonObject->SetStringField("system_other", "UE Client");

	FString RequestBody;
	TSharedRef<TJsonWriter<>> Writer = TJsonWriterFactory<>::Create(&RequestBody);
	FJsonSerializer::Serialize(JsonObject.ToSharedRef(), Writer);

	// Create HTTP request
	TSharedRef<IHttpRequest, ESPMode::ThreadSafe> Request =
		FHttpModule::Get().CreateRequest();

	Request->SetURL(Url);
	Request->SetVerb("POST");

	Request->SetHeader("Content-Type", "application/json");
	Request->SetHeader("Authorization", FString::Printf(TEXT("Token %s"), *AuthToken));

    // tried putting a normal user agent here as well
	Request->SetHeader("User-Agent", TEXT("UE Client"));

	Request->SetContentAsString(RequestBody);

	Request->OnProcessRequestComplete().BindStatic(&UTrvPlayerFeedbackBFL::OnResponseReceived);

	UE_LOG(LogPlayerFeedbackBlueprintFunctionLibrary, Log, TEXT("UTrvPlayerFeedbackBFL::SubmitPlayerFeedback - Request Body:\n%s"), *RequestBody);
	Request->ProcessRequest();

	UE_LOG(LogPlayerFeedbackBlueprintFunctionLibrary, Log, TEXT("UTrvPlayerFeedbackBFL::SubmitPlayerFeedback -  Ticket submitted: %s"), *Message);
}

void UTrvPlayerFeedbackBFL::OnResponseReceived(
	FHttpRequestPtr Request,
	FHttpResponsePtr Response,
	bool bWasSuccessful)
{
	if (!bWasSuccessful || !Response.IsValid())
	{
		UE_LOG(LogTemp, Error, TEXT("UTrvPlayerFeedbackBFL::OnResponseReceived - Request failed"));
		return;
	}

	UE_LOG(LogPlayerFeedbackBlueprintFunctionLibrary, Log, TEXT("UTrvPlayerFeedbackBFL::OnResponseReceived - Response Code: %d"), Response->GetResponseCode());
	UE_LOG(LogPlayerFeedbackBlueprintFunctionLibrary, Log, TEXT("UTrvPlayerFeedbackBFL::OnResponseReceived - Response: %s"), *Response->GetContentAsString());
}

response is 403 and an html that is returned.

Thanks

2

You need your own services and API.

Also the engine browser was discontinued and doesn’t really work. So what you should do is create a c++ class that can be used for sending.

Look up, download, and include an Http Client as well (don’t rely on building with Microsoft’s suggested one).

Then you work the system by sending encoded requests to the API.

You want to create an async compatible system so that you don’t need to wait around on a response that may never come (home networks and connectivity issues and all that).

You also likely want to store the message and prompt to resend if it fails.

So, in essence, make your own thing. Epic’s trash is never any good. And start from the ground up so that you know exactly what you are doing.

In this case the ground floor would be the receiving API.

Like the Epic one, you will need to create and set up an auth mechanism.

normally I would suggest using a certificate Auth and transmitting a custom header, but because the game ships and has to include the cert it’s easy to hack. So a sha25 keyword combo of some sort may be the better option here - if it ever gets exploited you just change the key with the next update. Unless someone reverse engineers your source and spots it, the key is safe…