Open sandhose opened 8 months ago
When using localhost
as client id, the metadata that will be used by the oauth provider will be an hard coded value (and never be fetched directly by the AS):
https://github.com/bluesky-social/proposals/blob/a3a2994b51957826f8d0c5984e403c500cb82105/0004-oauth/README.md?plain=1#L191-L208
The port number of the redirect_uri
will be ignored, allowing the dev server to run on any port.
The proposal says:
https://github.com/bluesky-social/proposals/blob/a3a2994b51957826f8d0c5984e403c500cb82105/0004-oauth/README.md?plain=1#L148
However, I don't see how localhost could be used for local development? This implies the PDS and the client runs on the same host, and that the client somehow listens with HTTPS on port 443, which usually requires
root
privileges to do