Hey I was just thinking that rather than using the frontend to send the access token what if the access token stored in the backend is used to make the request to the Oauth server.
I think I should explain what I was trying to do here... I have a project built using django and I recently created a graphql API using django graphene. originally the project had python social auth and was using it to login thru google using the secrets stored in the backends' .env file.
now since I have the grqphql API in place I want to just use a mutation to take the provider as an argument from my frontend and then the backend using the keys stored in the .env file make all the network calls, like exchanging auth code for token etc., to the Oauth2.0 auth server and resource server to get back a JWT token (in my case I am using JWT tokens for auth) and then that mutation will return a response just like this project does.
Hey I was just thinking that rather than using the frontend to send the access token what if the access token stored in the backend is used to make the request to the Oauth server.
I think I should explain what I was trying to do here... I have a project built using django and I recently created a graphql API using django graphene. originally the project had python social auth and was using it to login thru google using the secrets stored in the backends'
.envfile.now since I have the grqphql API in place I want to just use a mutation to take the provider as an argument from my frontend and then the backend using the keys stored in the
.envfile make all the network calls, like exchanging auth code for token etc., to the Oauth2.0 auth server and resource server to get back a JWT token (in my case I am using JWT tokens for auth) and then that mutation will return a response just like this project does.