[Proposal 0004] Simple and working exaple with cURL

[PIPOGit]

Hi all.

Can some put a valid and real example of how to work with OAuth authentication under Bluesky?

All steps, commented, to understand all things.

Thanks in advance.

[bnewbold]

It is pretty tricky to do all of this with curl. In particular, you need to have a client metadata document (JSON) hosted somewhere on the internet.

This python example goes through all the steps explicitly: https://github.com/bluesky-social/cookbook/tree/main/python-oauth-web-app

[PIPOGit]

Well... In fact, I'd like to check a couple of things: 1.- The "client metadata document" needs to be served under an "https" protocol; so it needs a VALID digital certificate. It means, I can not create and use a self-signed one, only valid certificates are allowed, restricting clients (not anyone has a "valid" https server). And 2.- The DPoP key, should use the same digital certificate than above or can be whatever certificate I want? Thanks!