search

brokenhandsio / vapor-oauth

OAuth2 Provider Library for Vapor
MIT License
130 stars 16 forks source link

Documentation: OAuthHelper not described #18

Closed mynona closed 8 months ago

mynona commented 9 months ago

Hi @0xTim and @marius-se,

This doesn't work: .package(url: "https://github.com/brokenhandsio/vapor-oauth.git", branch: "1.0.0-beta.2")

try addProvider(VaporOAuth.Provider(codeManager: MyCodeManager(), tokenManager: MyTokenManager(), clientRetriever: MyClientRetriever(), authorizeHandler: MyAuthHandler(), userManager: MyUserManager(), validScopes: ["view_profile", "edit_profile"], resourceServerRetriever: MyResourceServerRetriever()))

This works:

app.lifecycle.use(
        OAuth2(
            codeManager: LiveCodeManger(),
            tokenManager: tokenManager,
            clientRetriever: StaticClientRetriever(clients: [someOAuthClient]),
            authorizeHandler: LiveAuthorizeHandler(),
            validScopes: ["admin"],
            //resourceServerRetriever: LiveResourceServerRetriever(),
            oAuthHelper: .local(
                tokenAuthenticator: TokenAuthenticator(),
                userManager: nil,
                tokenManager: tokenManager
            )

        )
    )

But oAuthHelper is not even mentioned in the documentation.

mynona commented 9 months ago

And if you use token-info it would actually be required to use oAuthHelper: .remote as far as I understand the code. It would be nice if a code example could be added how this will look like and if we have to put token-info behind SSH even on the local environment to test it.

As the build fails at the moment (separate issue reported) I could not test it with SSH and I got stuck to call the token-info endpoint, unfortunately.

I am using marius example: https://github.com/marius-se/vapor-oauth2-example

But unfortunately the token introspection part is not covered.

mynona commented 8 months ago

Not needed anymore as this repository changed a lot: https://github.com/vamsii777/vapor-oauth