[x] Query tool will redirect user to authenticate using IdP
[x] Query tool should get back a code from IdP (via a redirect URL)
[x] Query tool provides code back to IdP to get an access token and ID token in exchange
~- [ ] Query tool needs to verify received ID token's validity using IdP's public keys (existing JWT libraries have functionality to do this)~
[ ] (Maybe) Query tool can then exchange access token for user profile pic from identity resource API
or, alternatively, query tool just displays the IdP user ID directly
[x] Query tool now displays the user profile pic from IdP, and can also display the name (taken from the ID token probably)
[x] When user submits a query, query tool sends a request to f-API, along with the ID & access tokens
Questions
Do we want to make it so the user doesn't have to login on every refresh? i.e., do we want to use a session?
Why doesn't Google Authentication work as expected with 127.0.0.1?
(this assumes the implicit OAuth2 scheme)
Questions
127.0.0.1
?