Use OAuth 2.0 Authorization Code exchange flow, but for additional security (since the client is public) use Proof Key for Code Exchange (PKCE) extension
OAuth client (ID) should not be hard-coded, but configured externally (config file, env var, etc)
Ask for at least the get_token scope, and for additional scopes only when needed. Try to avoid requesting any scope that returns PII, for compliance in cloud environments.
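The three requirements above, carried through as an added example (not code from the original note or any specific project): a public client that builds an Authorization Code + PKCE (S256) request, reads its client ID from configuration instead of a literal, and requests only the get_token scope. The endpoint URLs, the redirect URI and the OAUTH_CLIENT_ID variable name are assumptions for illustration; the RFC 7636 test vector in the demo is the published one.

```python
import base64
import hashlib
import os
import secrets
from urllib.parse import urlencode


def load_client_id(env=os.environ, env_var="OAUTH_CLIENT_ID"):
    """Client ID comes from configuration (an env var here), never from a literal in code.
    `env` is injectable so the lookup can be exercised without touching the real environment."""
    client_id = env.get(env_var)
    if not client_id:
        raise RuntimeError(f"{env_var} is not set; refusing to fall back to a hard-coded client id")
    return client_id


def make_code_verifier(n_bytes=32):
    """RFC 7636 code_verifier: 43..128 unreserved chars. 32 random bytes -> 43 base64url chars."""
    return base64.urlsafe_b64encode(secrets.token_bytes(n_bytes)).rstrip(b"=").decode("ascii")


def make_code_challenge(verifier):
    """S256 method: BASE64URL(SHA256(ASCII(code_verifier))) with padding stripped."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def build_authorization_url(authorize_endpoint, client_id, redirect_uri, scopes, state, code_challenge):
    """Front-channel request. Only the scopes passed in are asked for; no profile/email scopes
    are added, which is how the client avoids receiving PII it does not need."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": " ".join(scopes),
        "state": state,                      # CSRF binding between request and callback
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
    }
    return f"{authorize_endpoint}?{urlencode(params)}"


def build_token_request(client_id, redirect_uri, code, code_verifier):
    """Back-channel body for the token endpoint. A public client has no client_secret;
    the code_verifier proves this is the same client that started the flow."""
    return {
        "grant_type": "authorization_code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "code": code,
        "code_verifier": code_verifier,
    }


def verifier_matches_challenge(verifier, challenge):
    """The check the authorization server performs at the token endpoint: an intercepted
    authorization code is useless without the verifier that produced the challenge."""
    return secrets.compare_digest(make_code_challenge(verifier), challenge)


if __name__ == "__main__":
    # Constructed configuration and endpoints for an offline demo (not real services).
    demo_env = {"OAUTH_CLIENT_ID": "demo-public-client"}
    client_id = load_client_id(env=demo_env)
    redirect_uri = "http://127.0.0.1:8765/callback"

    verifier = make_code_verifier()
    challenge = make_code_challenge(verifier)
    state = secrets.token_urlsafe(16)
    print(build_authorization_url("https://auth.example/authorize", client_id, redirect_uri,
                                  ["get_token"], state, challenge))
    print(build_token_request(client_id, redirect_uri, "CODE_FROM_CALLBACK", verifier))
    # RFC 7636 Appendix B vector, to show the S256 derivation is the standard one.
    print(make_code_challenge("dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"))
```

The verifier is generated fresh per authorization request and kept only in the client's memory until the token exchange; the challenge is the only PKCE value that travels through the browser.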