Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

jReddit OAuth2 Landing Page #134

Open
snkas opened this issue Jun 17, 2015 · 1 comment
Open

jReddit OAuth2 Landing Page #134

snkas opened this issue Jun 17, 2015 · 1 comment

Comments

@snkas
Copy link
Contributor

snkas commented Jun 17, 2015

For jReddit to support, it would be nice to offer two user-friendly landing pages, respectively for the code flow and the implicit grant flow.

Two landing pages should be created:
https://jreddit.github.com/auth/codeflow
https://jreddit.github.com/auth/implgrantflow

Code flow specifications

Code flow will receive the following three query parameters:

  • error: string (four possible values, a separate error message for each would be nice)
  • code: string
  • state: string

The error parameter is only if the authorization failed.
The code and state should be displayed in the center of the page, preferably with a modern layout.

Implicit grant flow specifications

Implicit grant flow will receive only one query parameter:

  • error: string (four possible values, a separate error message for each would be nice)

The error parameter is only if the authorization failed.
The rest of the data is given via POST data: access_token, token_type, expires_in, scope, state
All this POST data values need to be displayed again in the center of the page, with labels what they are.

Why do we need this?

Because OAuth2 requires user authorization. This jReddit landing page should only be used for testing purposes, as in live coding it could be considered an unreliable third party. Ofcourse, as a developer, you could also give http://www.google.com/ as redirect URI, and just copy paste directly from the URI parameters in the code flow case (if you trust Google). The code flow is the preferred way of authentication, and allows the setting of duration (temporary or permanent), whereas the implicit grant flow does not.

@sfat ? Or anyone interested in creating a little website on Github Pages? I would prefer it to be in control of the jReddit administrators, rather than a third party. MIT license applies.

For more information, see the OAuth2 reddit specifications:
https://github.com/reddit/reddit/wiki/OAuth2
@sfat
Copy link

sfat commented Jun 23, 2015

I am not 100% what I need to do. I'll need to read a bit about this. There is the github pages for jreddit on the organization page. I am pretty sure you can make there a PR to add these stuff.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sfat @snkas