Remora.Discord
Remora.Discord copied to clipboard
Remora
Implement the OAuth2 authorization flow
Description
Currently IDiscordRestOAuth2API only has two endpoints
These are, to be fair, the only explicitly documented endpoints under the OAuth2 topic.
However, I think that the basic OAuth2 authorization flow endpoints should also have their own methods.
Why This is Needed Remora.Discord should implement the full Discord API. Extracting the authorization flow into their own methods will expand Remora.Discord's use cases by simplifying the steps taken to authorize a user (e.g. in web apps).
Alternatives Considered While there are other libraries that do this for you, such as AspNet.Security.OAuth.Providers, these are very abstracted, feature-rich, and heavily opinionated towards usage in fully-fledged websites. As such, they do not integrate well with the Remora ecosystem.
I am proposing a simple wrapper around the authorization flow endpoints that does not involve Remora.Discord hosting any webservers to catch authorization codes - this is up to the consumer.
Additional Details Discord has its own OAuth2 URL generator that is quite simple to replicate. There could be a helper method to create these URLs too.
...
If this is an issue you think is worth implementing, I would be happy to open a PR.
Just a note that came up:
-
/authorizeendpoint should not send a request but return the built url -
/tokenand/token/revokeshould send an actual request
How would the bot get the authorization token though if it does not redirect to a least a website? I think that is why the Discord auth package maintained by the aspnetcore team exists.
How would the bot get the authorization token though if it does not redirect to a least a website? I think that is why the Discord auth package maintained by the aspnetcore team exists.
The library isn't responsible for the server. That's for you to setup yourself, and it's pretty easy with Owin.