Added OAuth for Web (when you can keep the secret safe) #124
Conversation
There was a problem hiding this comment.
After a lot of thinking back and forth, in my opinion your solution is the best way to go!
Make the old methods deprecated and throw an exception, to make the users change to the new ones. In a later version we can finally remove them.
Please add comments to the authWeb/authDesktop in the Builder and perhaps also add a class comment that points to the documentation for the "new way".
The builder is the entrance point for the user of the library.
We should create two test classes that show the new implementation ways for web and desktop or document that in a code example in the Readme.md or perhaps create two wiki pages or Readmes that document it. I would try to go the test way, but I'm not into the flows currently and don't know if it is actually possible to create tests for it! Then just link to that tests in the readme.
- Suggested changes - Added test_config.properties to store the test config, as refresh tokens will be rotating soon. Environment variables will no longer work, as they can not be updated - Fixed a bug in the Web Flow
First draft
|
Okay, this is ready for another review. |
|
Quick'ish recap:
|
test_config.properties
Outdated
| SSO_REFRESH_TOKEN_PUBLIC_DATA=lHpAdmZPNU6JdmvLx/QJlA\=\= | ||
| SSO_CLIENT_SECRET=fwUmlKCkuyxfTRAtxe0MMCs6U9tz1NSBQCMiJ1Zq | ||
| SSO_REFRESH_TOKEN_WEB=spPlRlScqEKoJmSuLhrLSA\=\= | ||
| SSO_REFRESH_TOKEN_NATIVE=fJvG7VxoNEmAAcajcIcNcA\=\= | ||
| SSO_CLIENT_ID=578b125ec8194eec8ede735514acf2fd |
There was a problem hiding this comment.
Yes, that happened!
I have deleted the application now, so, should be okay
No description provided.