adding identity auth checking for a reddit user

[stedn]

Adding a method to allow authentication of a reddit user as part of the goal of adding reddit to bridgy. Not sure if this is everything that's needed in this part of the project, but I figured I'd work on one thing at a time.

For implementation, it seems that reddit's Oauth confirmation method is a little different from the normal flow. See comments in the reddit.py for refs on why it's done this way.

(PS this took me way longer than I thought it would, but i now somewhat understand how oauth works, which is cool)

[snarfed]

awesome! this is a great first pass. if you want, we can probably merge with pretty minimal changes, and then you can add access token and user info fetching in another PR, or you can do them directly in this PR. up to you!

[snarfed]

oh ugh i see, their access tokens only last for 60m, so you have to refresh after that. ok, understood. https://github.com/reddit-archive/reddit/wiki/OAuth2#refreshing-the-token

except then the access_token() method should probably actually do the refresh and return a real access token, right? feel free to punt that to another PR if you want!

[stedn]

conceptually returning the access_token makes sense, but after spending a while on it, I'm pretty sure praw doesn't give access to that directly. instead they've written it so that you pass the refresh_token to the api every time. do you know how i can change things to accommodate that? otherwise i guess i could write the authorize http request myself, but I'm not super familiar with how to do that.

[snarfed]

ah, got it! totally fine. exposing refresh token directly makes sense then, just name the method refresh_token(), and omit an access_token() method entirely. you can briefly mention which methods are available and not like this:

oauth-dropins/oauth_dropins/github.py

Line 65 in afe5cc9

GitHub-specific details: implements get() but not urlopen(), or api().

[stedn]

so i tried this originally, but it seems that access_token() is required by oauth_dropins/models.py. I got a NotImplementedError when i remove that function. Also it seems I can't have both a refresh_token attribute and a refresh_token method in the same class, should i just omit the method?

and did you mean to link to that table in praw? or were you trying to link to an example from this repo?

[snarfed]

hah sorry, yeah, misfired with the link.

ohhh is it this call that dies?

oauth-dropins/oauth_dropins/handlers.py

Line 203 in afe5cc9

token = auth_entity.access_token()

it's not strictly necessary. maybe we wrapp it in a try/catch NotImplementedError and just omit the token in that case?

[stedn]

OK, try catch on the NotImplementedError is in place. Hopefully this wraps it up? Now onto the actual hard stuff 😅

[snarfed]

looks like you maybe still need to git add models.py?

[stedn]

i added the try except to the handlers.py. can you see that?

[snarfed]

oh! sorry! yes, got it now.

[stedn]

i think i took care of most of the stuff. let me know if you know any way to get the actual access token.

[snarfed]

ah, got it! totally fine. exposing refresh token directly makes sense then, just name the method refresh_token(), and omit an access_token() method entirely. you can briefly mention which methods are available and not like this:

oauth-dropins/oauth_dropins/github.py

Line 65 in afe5cc9

GitHub-specific details: implements get() but not urlopen(), or api().

[snarfed]

oh, also, are you able to add me to your reddit API app? my username is schnarfed.

if not, no worries, i can just make my own app.

[stedn]

i think you've been added to the API. let me know if you want me to send you the app keys and such.

[snarfed]

oh! sorry! yes, got it now.

[snarfed]

woo, congrats! i'm off to create some more dedicated API keys for oauth-dropins and granary and try it myself.

[stedn]

sweet! i plan to start looking over granary tomorrow night, though i expect that'll take longer to figure out.