search

oauth-wg / oauth-browser-based-apps

Best practices for OAuth in Browser-Based Apps
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps
Other
25 stars 12 forks source link

Add architectural pattern of using a Service Worker as the OAuth client #3

Closed aaronpk closed 2 years ago

aaronpk commented 4 years ago

keeps the access token and refresh token out of the DOM-accessible JS, only accessible from within the Service Worker

https://gitlab.com/jimdigriz/oauth2-worker

aaronpk commented 2 years ago

Done in #19

jimdigriz commented 2 years ago

https://gitlab.com/jimdigriz/oauth2-worker

For the history books, now at https://github.com/jimdigriz/oauth2-worker