Open gdavison opened 3 years ago
I'm willing to add this if someone wants to write the code :+1:
I can write it up. I have a hacked-up version already, but it only does HTTPS now 😂 The config should be easy enough.
Design question: should each service potentially have its own certificates, or can they share a key? If shared, do they need to be stable, or generated if needed? Generated if needed seems like the simplest option, with an enhancement if specific certificates are needed for a service.
The OAuth 2.0 Authorization Code workflow currently runs a local HTTP server to handle redirects. Some APIs, such as the Destiny API, do not allow HTTP redirect URLs to be configured.
A configuration option could be added to serve the redirect handler with HTTPS with a provided certificate, or
restish
could generate its own certificate.