bluesky-social / proposals

Bluesky proposal discussions

OAUTH: how can an atproto PDS do discovery for the `localhost` "global client ID"? #52

Open sandhose opened 8 months ago

sandhose commented 8 months ago

The proposal says:

https://github.com/bluesky-social/proposals/blob/a3a2994b51957826f8d0c5984e403c500cb82105/0004-oauth/README.md?plain=1#L148

However, I don't see how localhost could be used for local development? This implies the PDS and the client run on the same host, and that the client somehow listens with HTTPS on port 443, which usually requires root privileges to do.

matthieusieben commented 8 months ago

When using localhost as client id, the metadata that will be used by the OAuth provider will be a hard-coded value (and will never be fetched directly by the AS):

https://github.com/bluesky-social/proposals/blob/a3a2994b51957826f8d0c5984e403c500cb82105/0004-oauth/README.md?plain=1#L191-L208

The port number of the `redirect_uri` will be ignored, allowing the dev server to run on any port.
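The behaviour described in the reply above, shown from the authorization server's side as an added example that is not part of the thread or the proposal's own code: the `localhost` client ID resolves to built-in metadata without any fetch, and the redirect URI port is ignored only for plain-http loopback addresses. The `http://localhost` spelling of the client ID, the metadata values and all function names are assumptions made for illustration.

```javascript
// Added example: names and metadata values below are assumptions, not the proposal's.
const LOOPBACK_CLIENT_ID = 'http://localhost'; // assumed form of the "localhost" client ID
const LOOPBACK_HOSTS = new Set(['127.0.0.1', '[::1]']);

// Hard-coded metadata used by the AS for the loopback client (constructed values).
const LOOPBACK_METADATA = Object.freeze({
  client_id: LOOPBACK_CLIENT_ID,
  redirect_uris: Object.freeze(['http://127.0.0.1/callback', 'http://[::1]/callback']),
});

// The loopback client ID short-circuits discovery: fetchMetadata is never called for it.
function resolveClientMetadata(clientId, fetchMetadata) {
  if (clientId === LOOPBACK_CLIENT_ID) return LOOPBACK_METADATA;
  return fetchMetadata(clientId); // normal path: AS fetches the client's metadata document
}

// Exact match, except that the port is ignored when both URIs are plain-http loopback.
function redirectUriMatches(registered, requested) {
  if (registered === requested) return true;
  let a, b;
  try {
    a = new URL(registered);
    b = new URL(requested);
  } catch {
    return false; // unparsable input never matches
  }
  const loopback = a.protocol === 'http:' && LOOPBACK_HOSTS.has(a.hostname);
  if (!loopback) return false; // non-loopback URIs get no port leniency
  return (
    b.protocol === a.protocol &&
    b.hostname === a.hostname && // same loopback literal, not merely a look-alike
    b.pathname === a.pathname &&
    b.search === a.search &&
    b.username === '' && b.password === '' && b.hash === ''
  );
}

// True when the requested redirect URI matches any URI in the client's metadata.
function isRedirectAllowed(metadata, requestedUri) {
  return metadata.redirect_uris.some((uri) => redirectUriMatches(uri, requestedUri));
}
```

Restricting the port leniency to loopback literals keeps the exact-match rule intact for every other client, so a hostname that merely begins with `127.0.0.1` gains nothing from it.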