Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for OAuth login #27

Merged
merged 2 commits into from Dec 1, 2019
Merged

Add support for OAuth login #27

merged 2 commits into from Dec 1, 2019

Conversation

@tulir
Copy link
Contributor

tulir commented Nov 26, 2019

Flow:

  1. Bridge admin configures bridge with slack app credentials and reverse proxying for oauth callback
  2. User runs link
  3. User clicks link in error message
  4. User logs into Slack and accepts app
  5. Slack redirects user to redirectPath, which shows the access token
  6. User copies access token and runs link <token>

If getDataFromStrHook got the user's mxid, the last step could be automated, but this is good enough for now.

The app on Slack doesn't need to be configured to allow any specific scopes. It requests the client scope, which isn't visible in the slack app management scope selector, but it works anyway and it's somewhat documented at https://api.slack.com/scopes/client

Copy link
Owner

Sorunome left a comment

Why not use the reply collection thingy so that the user just writes <token> instead of link <token>? (Just asking for thought process)

Other than that, looking good

src/oauth.ts Outdated Show resolved Hide resolved
@tulir

This comment has been minimized.

Copy link
Contributor Author

tulir commented Nov 27, 2019

Why not use the reply collection thingy so that the user just writes instead of link ? (Just asking for thought process)

The user might not want that since they can also use a legacy token or run some other command. Really the flow shouldn't involve the user writing anything, it should just automatically create the link after it gets the callback.

@Sorunome Sorunome merged commit ca503a6 into Sorunome:master Dec 1, 2019
@tulir tulir deleted the tulir:oauth branch Dec 1, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.