search

mozilla / fxa-auth-server

DEPRECATED - Migrated to https://github.com/mozilla/fxa
Mozilla Public License 2.0
399 stars 121 forks source link

feat(oauth): Add /oauth/token route, optionally authed via sessionToken #2983

Closed rfk closed 5 years ago

rfk commented 5 years ago

Fixes #2954; Requires #2969.

Here's my draft of how we'd use the new fxa-assertion grant type from #2969 to implenent a /oauth/token endpoint on the auth-server. Needs tests etc, but hopefully gives you a bit of the idea. You can imagine us proceeding to add additional auth-server things to this endpoint, like sending emails and creating/updating device records.

/cc @vladikoff

vladikoff commented 5 years ago

@rfk please see https://github.com/mozilla/fxa-auth-server/pull/2985/commits/e2e9bd1f0485f1574438413d57af68556df32b11 for fixes that make the thing work PLUS notification changes.

You might want to just pull in this test as part of your PR: https://github.com/mozilla/fxa-auth-server/pull/2985/commits/e2e9bd1f0485f1574438413d57af68556df32b11#diff-f937281b7df79ecdc72113577100bbae

Let me know!

rfk commented 5 years ago

Thanks @vladikoff! I've pulled your fixes and tests into this branch, will work on adding a few more tests shortly.

rfk commented 5 years ago

Thanks for the review @shane-tomlinson! I want to add a couple more tests before merging this but feel like it's in good shape overall.

rfk commented 5 years ago

OK, I'm pretty happy with the test coverage on this now. It needs to be pointed at master once the earlier PRs have landed. @vladikoff want to give it a final once-over?

vladikoff commented 5 years ago

Changing base to master...