dtinit / data-transfer-project

The Data Transfer Project makes it easy for platforms to build interoperable user data portability features. We are establishing a common framework, including data models and protocols, to enable direct transfer of data both into and out of participating online service providers.
https://dtinit.org/docs/dtp-what-is-it
Apache License 2.0
3.57k stars 481 forks source link

Add username and password auth in addition to OAuth #944

Open jaudriga opened 3 years ago

jaudriga commented 3 years ago

While OAuth is becoming increasingly popular, username/password-based auth is still used widespread by many APIs and protocols (e.g., IMAP, CardDAV/CalDAV, etc.). In order to support as many services/APIs as possible with DTP, it should therefore be possible to use username/password-based auth schemes.

DTP seems to be centered around OAuth for authentication. While there seem to be some pieces of code that are using other Auth Schemes, it is unclear to me how to use it. Additionally, the demo UI currently does not support different auth schemes other than OAuth. I did not find documentation on this as well.

To me it looks like the CookiesAndUrlAuthData class used by Mastodon/Solid might be used for such auth schemes in the authentication adapters somehow. However, some classes seem to be missing for them to be actually usable (e.g. a non-OAuth subclass of AuthDataGenerator)?

wanjoc commented 1 year ago

Is someone already actively working on this issue? If not, can I be assigned to take it forward?