apluslms / a-plus

A+ frontend portal - A+ LMS documentation:
https://apluslms.github.io/

A+ API authentication with HAKA accounts from the IntelliJ IDEA plugin #712

Open markkuriekkinen opened 3 years ago

markkuriekkinen commented 3 years ago

Currently, students need to manually copy-paste personal API tokens from the A+ profile page into the IntelliJ plugin settings.

Investigate how students could easily log into A+ from the IntelliJ plugin without manually copying any tokens. The student should be able to log in with the Aalto/HAKA account.

markkuriekkinen commented 3 years ago

Jaakko wrote in Slack:

Yep. OAuth or such. Basically all EVE 3rd party apps start a local webserver and the login process forwards to that as the final step. This way, the local webserver receives the token. However, I'm not sure how the newer OAuth-based protocol works, which doesn't require shared secrets. Other tools to copy are docker client and travis ci client. Both solve similar problems. Non-standard would be using an embedded browser with a special response (e.g. HTTP header) containing the token. Also, taken from the EVE game client, they started to use the native browser in place of QtWebEngine, so authentication with U2F or password managers is possible. I think especially password managers should be supported (thus the native browser). I can share a screen and show how one of the tools has done this to give some ideas, if needed.

In short, I think the HAKA is not anything special. The design should support any kind of authentication protocol, so I think the process should 1) connect A+ for auth providers 2) forward to provider 3) login 4) provide credentials to A+ 5) provide API token to client. Login forms etc. are HTML pages, so browser/client has to be able to parse or render them.
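The local-webserver flow described in the Slack quote above, as an added example that is not part of the original thread or of the A+ or plugin code: the client side of a loopback redirect (RFC 8252) with PKCE (RFC 7636), which is the OAuth variant that needs no shared secret. The `/callback` path and the function names are hypothetical, and the example assumes A+ would expose an authorization endpoint that accepts `code_challenge` and `state` and later exchanges `code` plus `code_verifier` for the API token, which the thread does not establish.

```python
import base64
import hashlib
import hmac
import secrets
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlparse


def pkce_pair():
    """Return (code_verifier, code_challenge) for PKCE method S256 (RFC 7636)."""
    verifier = secrets.token_urlsafe(32)  # 43 URL-safe characters
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return verifier, base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def parse_callback(request_path, expected_state):
    """Return the authorization code, or None if the redirect is not ours."""
    url = urlparse(request_path)
    params = parse_qs(url.query)
    state = params.get("state", [""])[0]
    codes = params.get("code", [])
    if url.path != "/callback" or len(codes) != 1 or not state:
        return None
    # Constant-time compare: a wrong state means some other page or local
    # process triggered this request, so the code must not be accepted.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        return None
    return codes[0]


def start_listener(expected_state):
    """Bind an ephemeral port on loopback only; return (server, result)."""
    result = {}

    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            code = parse_callback(self.path, expected_state)
            if code:
                result["code"] = code
            self.send_response(200 if code else 400)
            self.end_headers()
            self.wfile.write(b"Login done, close this tab." if code else b"Rejected.")

        def log_message(self, *args):  # keep the code out of stderr logs
            pass

    # redirect_uri is http://127.0.0.1:<server.server_address[1]>/callback;
    # the caller loops on server.handle_request() until "code" is in result.
    return HTTPServer(("127.0.0.1", 0), Handler), result
```

Because the redirect carries only a one-time code bound to the verifier held in the plugin's memory, another local process that observes the redirect cannot redeem it for a token.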

markkuriekkinen commented 3 years ago

This issue was started from the needs of the IntelliJ project and thus, we thought about assigning this issue to @superseacat. It would be good to decide if they want to pursue this matter at all and if yes, how shall we design it together.

superseacat commented 3 years ago

We'll discuss the priority for the task in the nearest future; for now, you could assign it to me.

PasiSa commented 2 years ago

Priority needs to be discussed. So far this does not seem to be in our near-term TODO list.

markkuriekkinen commented 2 years ago

The O1 course isn't very concerned about this issue since it is a small task for the student to manually copy the user API token once at the start of the course.