freesound icon indicating copy to clipboard operation
freesound copied to clipboard
verified publisher icon MTG

Add redirect support for iOS app URL schemes

Open nikhilsinghmus opened this issue 7 years ago • 6 comments

Currently, when specifying a redirect URL in the form for acquiring Freesound API access credentials, inputting a URL for an iOS app (for example, in the format <appname>://) results in an error, and the message "Enter a valid URL".

Adding support for redirecting to iOS apps would allow developers to handle temporary authorization codes directly, and for the Swift client API (in progress here) to perhaps handle them directly itself, providing a simpler API.

screen shot 2018-06-11 at 8 48 40 am

nikhilsinghmus avatar Jun 11 '18 13:06 nikhilsinghmus

We need to remove a restriction for URL to be a web URL, but still show a warning to catch possible typos in http/https

philtgun avatar Jul 04 '18 14:07 philtgun

Hi @philtgun, are you still planning to work on this?

ffont avatar Aug 27 '18 06:08 ffont

Yes, see this branch. Things left to do is to change the validator to custom one that will accept additional valid URL schemas.

Also that is the thing that I wanted to discuss - which schemas to allow. My proposal is that only non-conventional url schema should be the app name that is provided in other field (case-insensitive).

philtgun avatar Aug 27 '18 09:08 philtgun

ok, sorry I did not see this.

Also that is the thing that I wanted to discuss - which schemas to allow. My proposal is that only non-conventional url schema should be the app name that is provided in other field (case-insensitive).

sound good to me

ffont avatar Aug 27 '18 09:08 ffont

I talked with @philtgun in person - we think that a better idea would be to:

  • In the callback url field have a checkbox or other method for the developer to say "I need a non-web callback schema for an app"
  • This doesn't check the value against django's url validator
  • It also extracts the schema and adds it to a unique list of allowed schemas (new table) which we can validate against in get_allowed_schemas: https://github.com/MTG/freesound/commit/9c6cd28ec98cb41425a2409f42eb1c624567d395#diff-5175c88a15979be6740553ead5841af9R29
  • If someone chooses a duplicate schema, then we don't allow them to do it

alastair avatar Sep 04 '18 15:09 alastair

FYI, related to this issue, I found out there are two related branches: https://github.com/MTG/freesound/tree/oauth-callback-new-schemas https://github.com/MTG/freesound/tree/oauth-callback-new-schemas-2

Looking at the commits it seems like the second is the most up to date one.

ffont avatar May 14 '19 09:05 ffont