Skip to content

Device Code Authorization Grant #29

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
May 29, 2025
Merged

Device Code Authorization Grant #29

merged 9 commits into from
May 29, 2025

Conversation

codefiesta
Copy link
Owner

@codefiesta codefiesta commented May 29, 2025
edited
Loading

Description

Implements the device code authorization grant workflow to allow tvOS (or any other apps that don't have access to a web browser) to leverage OAuthKit.

The Device Code Authorization Grant Workflow consists of the following:

1. Request Device Code:

  • The OAuth client initiates the authorization process by sending a request to the provider deviceCodeURL with the clientID and desired scopes.
  • This request returns a device code, a user code, a verification URI, and an interval indicating how often the app should poll for authorization.
  • The user code is displayed to the user, and the verification URI is the URL they should visit in a web browser.

2. User Authorization:

  • The user opens the verification URI in a web browser and enters the provided user code.
  • The user authenticates with the provider, granting the app the requested permissions.

3. App Polling for Authorization:

  • While the user is entering the code, the OAuth client will be polling the accessTokenURL endpoint in the background.
    This polling continues until the user completes the authorization, or the device and user codes expire.
  • The client_id and device_code obtained in step 1 are used in these polling requests.
  • The grant_type must be urn:ietf:params:oauth:grant-type:device_code.

See:

Fixes #4

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules

@codefiesta codefiesta self-assigned this May 29, 2025
@codefiesta codefiesta marked this pull request as ready for review May 29, 2025 21:58
codefiesta
codefiesta commented May 29, 2025
View reviewed changes
Sources/OAuthKit/OAuth.swift
/// - Provider: the oauth provider
case authorizing(Provider)
/// - GrantType: the grant type
case authorizing(Provider, GrantType)
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ NOTE: Sending the GrantType is the breaking change in this PR. Downstream apps will need to update or stay at the 0.0.5 tag until they can update.

@codefiesta codefiesta added enhancement New feature or request security Security related request or issue. PRs with this label will run CodeQL scans. labels May 29, 2025
@codefiesta codefiesta merged commit f7807ed into main May 29, 2025
3 checks passed
@codefiesta codefiesta deleted the device_code branch May 29, 2025 22:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@codefiesta codefiesta

Labels
enhancement New feature or request security Security related request or issue. PRs with this label will run CodeQL scans.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

tvOS Implementation and Example
1 participant
@codefiesta