Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authenticating with an installed app, app type #43

Closed
Ivaskuu opened this issue Mar 22, 2018 · 15 comments · Fixed by #145
Closed

Authenticating with an installed app, app type #43

Ivaskuu opened this issue Mar 22, 2018 · 15 comments · Fixed by #145
Labels
question

Comments

@Ivaskuu
Copy link

Ivaskuu commented Mar 22, 2018

Hi!

How could I init DRAW if I have an installed app type for reddit? Does DRAW support this type of app?
I've tried the base Reddit.createInstance and specifying only the clientId, redirectUri and userAgent, but it doesn't seem to work.

For instance, this is what I am trying to get:
Example

Thank you for the plugin, and for the help.
@bkonyi
Copy link
Member

bkonyi commented Mar 23, 2018
edited
Loading

Hi @Ivaskuu,

Thanks for the issue! It looks like there's some potential issues with providing the arguments to Reddit.createInstance but we can get around this for now using a draw.ini configuration file. Here's some example code:

import 'package:draw/draw.dart';

main() async {
  // Create a `Reddit` instance using a configuration file.
  final reddit = await Reddit.createInstance(userAgent: 'foobar', configUri: Uri.parse('draw.ini'));

  // Build the URL used for authentication. See documentation for `WebAuthenticator` for parameters.
  final auth_url = reddit.auth.url(['*'], 'foobar'));
  
  // ...
  // Complete authentication at `auth_url` in the browser and retrieve the `code` query
  // parameter from the redirect URL.
  // ...

  // Assuming the `code` query parameter is stored in a variable `auth_code`, we pass it to the
  // `authorize` method in the `WebAuthenticator`.
  await reddit.auth.authorize(auth_code);

  // If everything worked correctly, we should be able to retrieve information about the authenticated
  // account.
  print(await reddit.user.me());
}

And here's an example draw.ini suitable for web based authentication:

default=default
reddit_url='https://www.reddit.com'
oauth_url=https://oauth.reddit.com
redirect_uri=https://www.google.com
client_id=YOUR_CLIENT_ID_HERE
client_secret=YOUR_SECRET_HERE
userAgent=draw_testing_agent

I've registered my Reddit application's redirect URI to be https://www.google.com, but you'll need to replace that with whatever redirect you have registered.

The format of draw.ini configuration files is very similar to that of praw.ini files used by PRAW, although there may be some minor differences due to the .ini parser we've used and what we've had a chance to implement.

If you have any more issues, please feel free to ask us through GitHub issues or our Gitter chat and I'll get back to you ASAP.

@bkonyi bkonyi closed this as completed Mar 23, 2018
@Ivaskuu
Copy link
Author

Ivaskuu commented Mar 24, 2018
edited
Loading

Excuse me, @bkonyi, but in your example, reddit.auth doesn't have a an url() or authorize() method..
Upon further investigation, I've discovered that Reddit.auth returns an Authenticator object, and not a WebAuthenticator. I've tried messing with WebAuthenticator but can't understand how to instance it or make it work... :(

@bkonyi
Copy link
Member

bkonyi commented Mar 24, 2018

I'm guessing you're using an IDE like Intellij or Visual Studio Code? If so, you might see the errors under those lines (I should update the base Authenticator to have url() and authorize() which throw an unsupported error for other authentication types). Reddit.createInstance() returns an Authenticator, which is a super-type of ScriptAuthenticator, ReadOnlyAuthenticator, and WebAuthenticator, so you should just need a typecast here.

Doing the following should work:

// Putting a type on the left-hand side will cast the `Authenticator` into a `WebAuthenticator`.
// You could also do `(reddit.auth as WebAuthenticator).url()`, but that gets messy if you need to do it
// more than once.
final WebAuthenticator auth = reddit.auth;

// Build the URL used for authentication. See documentation for `WebAuthenticator` for parameters.
final auth_url = auth.url(['*'], 'foobar'));

// ...
// Complete authentication at `auth_url` in the browser and retrieve the `code` query
// parameter from the redirect URL.
// ...

// Assuming the `code` query parameter is stored in a variable `auth_code`, we pass it to the
// `authorize` method in the `WebAuthenticator`.
await auth.authorize(auth_code);

@StefanLobbenmeier
Copy link
Contributor

StefanLobbenmeier commented Feb 1, 2019
edited
Loading

Sorry for commenting on this long closed issue, but I wanted to let you know that I struggled with the same question and could not find any documentation on the error. When chosing the type "installed app", you dont have a secret, yet there is no constructor in DRAW that doesnt contain a secret except for the UntrustedReadOnlyIntstance. I ended up solving this issue like this:

`

// Create a Reddit instance using a configuration file in the
// current directory.
_reddit = await Reddit.createWebFlowInstance(
  clientId: client_id,
  clientSecret: "", //not null, but empty string
  userAgent: userAgent,
  redirectUri: Uri.parse(redirect_url),
);

`

but I would much rather prefer having a dedicated constructor that does the same. What do you think?

(By the way, using draw: ^0.4.6+1)

@bkonyi
Copy link
Member

bkonyi commented Feb 2, 2019

Sorry for commenting on this long closed issue, but I wanted to let you know that I struggled with the same question and could not find any documentation on the error. When chosing the type "installed app", you dont have a secret, yet there is no constructor in DRAW that doesnt contain a secret except for the UntrustedReadOnlyIntstance. I ended up solving this issue like this:

`

// Create a Reddit instance using a configuration file in the
// current directory.
_reddit = await Reddit.createWebFlowInstance(
  clientId: client_id,
  clientSecret: "", //not null, but empty string
  userAgent: userAgent,
  redirectUri: Uri.parse(redirect_url),
);

`

but I would much rather prefer having a dedicated constructor that does the same. What do you think?

(By the way, using draw: ^0.4.6+1)

Ah, this must have been an oversight on my part when I made individual static methods for each authentication type to replace the catch-all createInstance method. I'll add a createInstalledAppInstance method which does what you suggest. Thanks!

@naiveai
Copy link

naiveai commented May 21, 2019

@bkonyi Really sorry for annoying you, but there doesn't appear to be this - does the empty client secret thing still work?

@StefanLobbenmeier
Copy link
Contributor

Hi :) putting an empty client secret ("") still works for me.

@bkonyi bkonyi reopened this May 21, 2019
@bkonyi
Copy link
Member

bkonyi commented May 21, 2019

Obviously there's still some confusion here, so I'll reopen this issue. @StefanLobbenmeier, @naiveai what's the use case you have? What's the expected behavior?

@naiveai
Copy link

naiveai commented May 22, 2019

The use case is to use DRAW in a Flutter app, using the installed app type in Reddit's app registration. There is no secret provided to us when doing this, so we have to simply pass it in as empty when creating a Reddit instance. I ended up doing that and it worked, so all it needs at this point is a dedicated constructor that passes in clientSecret: '' to reduce confusion.

@bkonyi
Copy link
Member

bkonyi commented May 30, 2019

Hm, I totally thought I had covered this case... anyway, I'll add a proper way to initialize for an installed application type.

bkonyi added a commit that referenced this issue May 31, 2019
@bkonyi
Added Reddit.createInstalledFlowInstance to allow for authentication of
4393392 
installed applications.

Fixes #43
@bkonyi bkonyi mentioned this issue May 31, 2019
Merged
bkonyi added a commit that referenced this issue May 31, 2019
@bkonyi
Added Reddit.createInstalledFlowInstance to allow for authentication …
e01dce2 
…of (#145)

installed applications.

Fixes #43
@bkonyi
Copy link
Member

bkonyi commented May 31, 2019

Reddit.createInstalledFlowInstance will be available as of version 0.5.2 which I'll likely release today.

@naiveai
Copy link

naiveai commented Jun 2, 2019

Minor problem, restoreAuthenticatedInstance still requires clientSecret. But eh, that's really not much. Thanks for updating DRAW, and for the support you provide!

@StefanLobbenmeier
Copy link
Contributor

StefanLobbenmeier commented Jun 2, 2019 via email

@naiveai
Copy link

naiveai commented Jun 2, 2019

@StefanLobbenmeier the client secret doesn't exist with installed apps, so I'm not sure what you mean here.

@bkonyi
Copy link
Member

bkonyi commented Jun 3, 2019

Minor problem, restoreAuthenticatedInstance still requires clientSecret. But eh, that's really not much. Thanks for updating DRAW, and for the support you provide!

Whoops, totally forgot about that! Thanks for pointing it out, I'll update things :)

@bkonyi bkonyi mentioned this issue Jun 3, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
4 participants
@bkonyi @Ivaskuu @StefanLobbenmeier @naiveai