restish icon indicating copy to clipboard operation
restish copied to clipboard

Published 20 hours ago verified publisher icon danielgtaylor

Allow running OAuth 2.0 Authorization Code workflow with local HTTPS server

Open gdavison opened this issue 4 years ago • 2 comments

The OAuth 2.0 Authorization Code workflow currently runs a local HTTP server to handle redirects. Some APIs, such as the Destiny API, do not allow HTTP redirect URLs to be configured.

A configuration option could be added to serve the redirect handler with HTTPS with a provided certificate, or restish could generate its own certificate.

gdavison avatar Feb 07 '21 00:02 gdavison

I'm willing to add this if someone wants to write the code :+1:

danielgtaylor avatar Apr 02 '21 13:04 danielgtaylor

I can write it up. I have a hacked-up version already, but it only does HTTPS now 😂 The config should be easy enough.

Design question: should each service potentially have its own certificates, or can they share a key? If shared, do they need to be stable, or generated if needed? Generated if needed seems like the simplest option, with an enhancement if specific certificates are needed for a service.

gdavison avatar Apr 02 '21 21:04 gdavison