JabRefOnline icon indicating copy to clipboard operation
JabRefOnline copied to clipboard

Published 20 hours ago verified publisher icon JabRef

Setup OAuth

Open tobiasdiez opened this issue 4 years ago • 1 comments

So that users can authorize other services to access their data. Should be done in the context of https://github.com/JabRef/JabRefOnline/issues/635.

Implementation: https://www.npmjs.com/package/oidc-provider

  • Also allow the access token to be submitted via http header (cookie for browser-based requests, header for requests say from severs)

In particular, we may use the "Device code" flow for JabRef Desktop.

  • General docs: https://datatracker.ietf.org/doc/html/rfc8628
  • Use verification_uri_complete and open it when user clicks "login in browser". Then user has to only check that the code is indeed the same (to double check the device)
  • Discussed in more detail here: https://thomaslevesque.com/2020/03/28/using-the-oauth-2-0-device-flow-to-authenticate-users-in-desktop-apps/

tobiasdiez avatar Oct 29 '21 14:10 tobiasdiez

Blocked by https://github.com/JabRef/JabRefOnline/issues/635.

tobiasdiez avatar Sep 15 '22 17:09 tobiasdiez