Closed valerierx closed 1 year ago
sanderDijkxhoorn
commented
1 year ago auth.bereal.team/token?grant_type=firebase: REQUEST: { "client_id" : "ios", "grant_type" : "firebase", "token" : "Some Huge token idk if it is safe to share", "client_secret" : "962D357B-B134-4AB6-8F53-BEA2B7255420" }
RESPONSE: { "refresh_token" : "MyRreshToken", "scope" : "", "token_type" : "bearer", "access_token" : "MyAccessToken", "expires_in" : 3600 }
Is this what you were looking for?
valerierx
commented
1 year ago auth.bereal.team/token?grant_type=firebase: REQUEST: { "client_id" : "ios", "grant_type" : "firebase", "token" : "Some Huge token idk if it is safe to share", "client_secret" : "962D357B-B134-4AB6-8F53-BEA2B7255420" }
RESPONSE: { "refresh_token" : "MyRreshToken", "scope" : "", "token_type" : "bearer", "access_token" : "MyAccessToken", "expires_in" : 3600 }
Is this what you were looking for?
Thanks! Btw do not share the "token" field, it's your own token! Only the client_secret is public!
rvaidun
commented
1 year ago the open source community is so awesome. @VxlerieUwU do you know what the client_secret token is used for? I assumed it wasn't safe to share publicly since variable is named secret.
This is sadly breaking and adds two new tokens: an access_token for mobile.bereal.com and a firebase_token that is used to get user info and later maybe push notifications. I think we can avoid that by storing our user_id inside of the json config. I've closely replicated the login process on Android, maybe some unnecessary requests can be removed.