Enable sync functionality in the web client

palant / pfp

A simple and secure browser extension to be used with KeePass databases.

https://pfp.works/

Mozilla Public License 2.0

113 stars 14 forks source link

Enable sync functionality in the web client #84

Closed palant closed 6 years ago

palant commented 6 years ago

As implemented in #24, the sync functionality is disabled in the web client. The difficulty is getting the access token. Since we don't know where the web client will be installed (typically, it will even be running from file:///), receiving the access token the usual way won't work. It seems that we'll need to set up a page (https://pfp.works/webclient/redirect_receiver I guess) that will display the access token and let the user copy it into the web client. Unfortunately, it doesn't look like Dropbox provides such a page, not taking the detour via pfp.works would have been better.

palant commented 6 years ago

Interestingly, Google Drive supports urn:ietf:wg:oauth:2.0:oob as redirect URI which allows manual copy and paste. However, it doesn't seem to be supported for the implicit flow which one is bound to use here.

palant commented 6 years ago

This works with Google Drive now. It should be good enough, I'll not set up a redirect receiver from Dropbox if they don't provide one.

palant commented 6 years ago

Asked about this under https://www.dropboxforum.com/t5/API-support/Authorization-via-copy-paste-of-OAuth2-access-token/m-p/267837

palant commented 6 years ago

Apparently, Dropbox has the necessary page under https://www.dropbox.com/1/oauth2/display_token - good to know. Reopening, supporting Dropbox in the web client should be easy then.