Open louischan-oursky opened 4 years ago
core
packages and remove irrelevant stuff/merge into auth
package/new repo?Do we want to cleanup the core packages and remove irrelevant stuff/merge into auth package/new repo?
Sure!
Do we want to do #1433 as part of refactor? (i.e. use library instead of hand-rolled OAuth implementation)
As long as we have time. So this is not of our first priority.
We may also want to cleanup the configuration.
For example?
I suppose we can drop access key entirely now.
We still have the concept of client ID
We may also want to cleanup the configuration.
- double
api_version
in app_config?app_id
should not be needed.- flatten
app_config
?- template configuration need rework?
- do we refactor the secrets out of config now?
- no need OAuth scopes?
We still have the concept of client ID
Yes we do have it, but we can stop accepting it through the access key header, thus removing the concept of access key entirely.
double api_version in app_config?
Can remove them entirely.
app_id should not be needed.
Should be OK.
flatten app_config? template configuration need rework?
I am fine with it.
do we refactor the secrets out of config now?
Good idea. But we may not have time to do secret management in this sprint. What temporary solution do we have? Load another file?
Maybe just start a new one instead of moving skygeario/guides to authgear/docs?
/_auth/session/resolve
to something elseskygear_user
in ID token claimsis_anonymous
metadata
session
in hook contextonAccessTokenExpired
(single handler)onRefreshTokenExpired
(single handler)onAccessTokenExpired
handler to refresh access token