Closed mdroidian closed 5 months ago
This PR sets up a access-token specific api endpoint to be called from /oauth/{id} and extensions.
access-token
/oauth/{id}
This will be used when the extension doesn't allow for a popup window to pass a postMessage (eg: electron apps).
postMessage
The extension will pass a state string via searchParams following this pattern: https://github.com/RoamJS/roamjs-components/blob/main/src/components/ExternalLogin.tsx#L49
state
While this solves for the GitHub Authorizing Oauth Apps, it does not solve for when a user installs the GitHub App that has Request user authorization (OAuth) during installation toggled on, as the state isn't passed on.
Request user authorization (OAuth) during installation
This PR sets up a
access-token
specific api endpoint to be called from/oauth/{id}
and extensions.This will be used when the extension doesn't allow for a popup window to pass a
postMessage
(eg: electron apps).The extension will pass a
state
string via searchParams following this pattern: https://github.com/RoamJS/roamjs-components/blob/main/src/components/ExternalLogin.tsx#L49While this solves for the GitHub Authorizing Oauth Apps, it does not solve for when a user installs the GitHub App that has
Request user authorization (OAuth) during installation
toggled on, as thestate
isn't passed on.