Add different authentication flows

[luxkatana]

Ik heb toegevoegd dat er diverse "flows" zijn bij het inloggen van het "mimicking the SOMToday app/webapp"

[MattterSteege]

Okay, so it looks nice but if your already busy you can just as wel change the client id and the redirect url: https://discord.com/channels/789249810032361502/789249810032361508/1254177040232616056 You need the somtoday-leerling-native id and url for the ... mimicking... section (beware of the example urls too!)

Also you can remove (or clone and update if possible) the run in postman banner.

And am I missing the username auth part in the username-first flow?

And mabye add "(possibly deprecated)" to the "Fetching the access token via SOMtoday login"

Other than that, is it really nice. 👍

[luxkatana]

And am I missing the username auth part in the username-first flow?

It already gets sent when deciding what type of flow it is. I have add more information about how it works when I get back hom!

• [x] Added deprecation label
• [x] change client id and redirect uri
• [ ] update postman banner

[luxkatana]

I added the deprecation label in this commit. I'll do the rest soon ASAP

[luxkatana]

This commit has applied the following things:

• change the redirect_uri and client_id
• Explaination for username first-flow

[MattterSteege]

I still don't understand how you send your username, because I honestly don't see it anywhere. Does it belong here:

POST /0-1.-panel-signInForm&auth=<authorization_code>
Origin: https://inloggen.somtoday.nl

Or am I really missing something, can you give a line number or something?

[luxkatana]

I still don't understand how you send your username, because I honestly don't see it anywhere. Does it belong here:

POST /0-1.-panel-signInForm&auth=<authorization_code>
Origin: https://inloggen.somtoday.nl

Or am I really missing something, can you give a line number or something?

Yeah it's that. We send the username first to decide what flow it is. If it is an username first-flow, then we only have to send the password (we sent the username to decide what type of flow it is)

[MattterSteege]

Yeah but like, then we need to send the username with that POST request right? Is that in the body or params (or headers :P)

[luxkatana]

SHOOT forgot to add that my bad :P

[luxkatana]

I changed the following things in this commit:

• the redirect_uri and the client_id from that "example url" in step 1
• Add body username to decide what flow it is

[MattterSteege]

Aha, that's how I like to see it ;). It looks very nice so props to you.

I have (bare with me) a couple of wording changes, but I'll do that tomorrow. The only thing you need to do is wait till tomorrow and accept my changes :).

So the PR will be merged tommorow 🤞

[luxkatana]

Aha, that's how I like to see it ;). It looks very nice so props to you.

I have (bare with me) a couple of wording changes, but I'll do that tomorrow. The only thing you need to do is wait till tomorrow and accept my changes :).

So the PR will be merged tommorow 🤞

okie dank you very much

[luxkatana]

but I dont have a beer or a bear

[luxkatana]

goed

[MattterSteege]

Congrats @luxkatana

[luxkatana]

thank you very matts