vapor-community / Imperial

Federated Authentication with OAuth providers
MIT License

Add Imgur support #55

Closed microtherion closed 3 years ago

microtherion commented 4 years ago

Add support for Imgur login. The Imgur protocol uses refresh tokens, so this PR relies on #54

This uses a code authentication flow, which Imgur claims to have deprecated. However:

0xTim commented 4 years ago

Looking at the docs that I can find, it seems Postman has been updated for token. What part of the token flow makes it unpleasant to implement?

microtherion commented 4 years ago

See their section JavaScript responses for the response_type: token in https://apidocs.imgur.com/?version=latest#authorization-and-oauth

The problem is that Imgur sends the access token as a fragment of the callback URL, not as a query parameter: https://example.com/oauthcallback#access_token=ACCESS_TOKEN&token_type=Bearer&expires_in=3600

This means that my server-based app never gets to see the access token, because the fragment in the redirect URL is not passed to the server. Instead, my client code would have to obtain the access token. This is not terribly hard to do, but I don't see how it could be packaged in a library like Imperial. We cannot very well serve the JavaScript code the client uses to redirect to Imgur, can we?
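
The behaviour discussed in the comment above, as an added example that is not part of the thread or of Imperial's code: it contrasts what the browser sends to the server for the quoted callback URL with what client-side script has to parse from the fragment. The function names are hypothetical, and the sample URL is the placeholder one quoted above.

```javascript
// Constructed sample: the callback URL shape quoted in the thread.
const SAMPLE_CALLBACK =
  "https://example.com/oauthcallback#access_token=ACCESS_TOKEN&token_type=Bearer&expires_in=3600";

// What the browser puts on the HTTP request line: path and query only.
// The fragment is never transmitted, so a server-side route handler cannot read it.
function requestTargetSentToServer(callbackUrl) {
  const u = new URL(callbackUrl);
  return u.pathname + u.search;
}

// What client-side script can recover from the full URL after the redirect.
function parseImplicitGrantFragment(callbackUrl) {
  const u = new URL(callbackUrl);
  const params = new URLSearchParams(u.hash.replace(/^#/, ""));
  // RFC 6749 section 4.2.2.1: implicit-grant errors also arrive in the fragment.
  if (params.has("error")) {
    throw new Error("authorization failed: " + params.get("error"));
  }
  const accessToken = params.get("access_token");
  const tokenType = params.get("token_type");
  const expiresIn = Number.parseInt(params.get("expires_in") ?? "", 10);
  if (!accessToken) throw new Error("no access_token in fragment");
  if (!tokenType || tokenType.toLowerCase() !== "bearer") {
    throw new Error("unexpected token_type");
  }
  if (!Number.isInteger(expiresIn) || expiresIn <= 0) {
    throw new Error("invalid expires_in");
  }
  return { accessToken, tokenType, expiresIn };
}

// Browser-only step: read the token, then drop the fragment from the address
// bar and the current history entry so the token does not linger there.
function consumeFragmentInBrowser() {
  if (typeof window === "undefined") return null; // not running in a browser
  const token = parseImplicitGrantFragment(window.location.href);
  window.history.replaceState(
    null, "", window.location.pathname + window.location.search);
  return token;
}
```
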