search

ccpgames / sso-issues

Please file issues with the CCP SSO (login.eveonline.com) here.
17 stars 1 forks source link

Request to implentment OAuth 2.0 Device Flow #65

Open hanyuwei70 opened 3 years ago

hanyuwei70 commented 3 years ago

Feature / Modification Request

Description

Device flow now is as RFC8628 which improves security because it prevented response_code accidently leakage.

Use case

All SSO scenario.

Robbilie commented 3 years ago

What do you want to use this for? This flow is intended for stuff like vehicles, tvs etc afak :thinking:

hanyuwei70 commented 3 years ago

For general purpose SSO. It can use EVE client as authentication method to prevent user input passwords on web browsers.

ghost commented 2 years ago

This would be useful for command line tools, headless tools on server processing pipelines and libraries/runtimes that have no easy capability to run a browser or redirect flow. Also currently EveMon on Linux/Wine/Mono has no HttpListener implemented that can actually listen for the redirect since Wine does not implement HTTP.sys for it. Somebody might also wish to create a smart TV application, or a plug-in for Kodi media player, or Qt Automotive and Android Auto. Perhaps a smart watch app too.

See https://oauth.net/2/grant-types/device-code/ for device grant flow.