jupjohn
commented
3 weeks ago Been running this for a few days and seems solid 👍
Open Nerixyz opened 1 month ago
jupjohn
commented
3 weeks ago Been running this for a few days and seems solid 👍
iProdigy
commented
3 weeks ago Should we validate that stored tokens have all of DEVICE_AUTH_SCOPES? (or perhaps should be tackled in a separate PR)
Nerixyz
commented
3 weeks ago Should we validate that stored tokens have all of
DEVICE_AUTH_SCOPES? (or perhaps should be tackled in a separate PR)
Twitch does that when we refresh tokens (the last time I tested it). The error you get there is pretty bad, though (iirc, it's the same one you get when the token is invalid). Should be enough to add a message with a link to re-authenticate.
This PR adds support for Twitch's Device code grant flow (DCF). This makes it possible to (effectively) use tokens for much longer without requiring the user to reauthenticate (assuming the scopes didn't change).
Currently, this uses a client-id I created (THIS MUST BE CHANGED BEFORE A MERGE). Because we use the
publicclient type, the client-id is limited to DCF-only (as far as I understand).(effectively) closes https://github.com/Chatterino/chatterino2/discussions/5169.
Here's a cool video I took in February when I started this (hasn't changed much):
https://github.com/Chatterino/chatterino2/assets/19953266/259ba236-3f02-4375-9ef9-c5cc455ebdd9