jasonaowen
commented
2 years ago Note: we will need to coordinate with @smpsnr before merging, because the OTS installation is depending on this branch.
Closed jasonaowen closed 2 years ago
jasonaowen
commented
2 years ago Note: we will need to coordinate with @smpsnr before merging, because the OTS installation is depending on this branch.
cecilia-donnelly
commented
2 years ago @jasonaowen , have you talked to @smpsnr about merging this? Do we have an expected date?
jasonaowen
commented
2 years ago @jasonaowen , have you talked to @smpsnr about merging this? Do we have an expected date?
I did! He pinned to a commit on OTS's side, so we're safe to merge this whenever. I just need to make the suggested rename change, which I intend to do this afternoon.
Add a way for authenticating to the Permanent API via OAuth. This is critical functionality for our partners, and particularly for our Etherpad plugin.
As before, some private configuration is required: clients need an OAuth client ID and client secret, which can only be issued by Permanent. Once that's done, they can initiate an Authorization Code Grant login flow[1]. When the user returns to their application, they can then complete the flow to get an instance of the
Permanentclient that is configured with the token.Behind the scenes, we are using simple-oauth2 (npm[2], repo[3]) to handle the OAuth workflow.
This new functionality should work alongside the legacy session-based authentication, and so should not break any existing clients.