Closed jasonaowen closed 2 years ago
Note: we will need to coordinate with @smpsnr before merging, because the OTS installation is depending on this branch.
@jasonaowen , have you talked to @smpsnr about merging this? Do we have an expected date?
@jasonaowen , have you talked to @smpsnr about merging this? Do we have an expected date?
I did! He pinned to a commit on OTS's side, so we're safe to merge this whenever. I just need to make the suggested rename change, which I intend to do this afternoon.
Add a way for authenticating to the Permanent API via OAuth. This is critical functionality for our partners, and particularly for our Etherpad plugin.
As before, some private configuration is required: clients need an OAuth client ID and client secret, which can only be issued by Permanent. Once that's done, they can initiate an Authorization Code Grant login flow[1]. When the user returns to their application, they can then complete the flow to get an instance of the
Permanent
client that is configured with the token.Behind the scenes, we are using simple-oauth2 (npm[2], repo[3]) to handle the OAuth workflow.
This new functionality should work alongside the legacy session-based authentication, and so should not break any existing clients.