django-allauth icon indicating copy to clipboard operation
django-allauth copied to clipboard
verified publisher icon pennersr

feat(ebay): Starting work on eBay OAuth Provider

Open kareemassad opened this issue 2 years ago • 3 comments

Submitting Pull Requests

General

  • [ ] Make sure you use semantic commit messages. Examples: "fix(google): Fixed foobar bug", "feat(accounts): Added foobar feature".
  • [x] All Python code must formatted using Black, and clean from pep8 and isort issues.
  • [ ] JavaScript code should adhere to StandardJS.
  • [ ] If your changes are significant, please update ChangeLog.rst.
  • [ ] If your change is substantial, feel free to add yourself to AUTHORS.

Provider Specifics

In case you add a new provider:

  • [ ] Make sure unit tests are available.
  • [x] Add an entry of your provider in test_settings.py::INSTALLED_APPS and docs/installation.rst::INSTALLED_APPS.
  • [x] Add documentation to docs/providers/<provider name>.rst and docs/providers/index.rst Provider Specifics toctree.
  • [ ] Add an entry to the list of supported providers over at docs/overview.rst.

kareemassad avatar Oct 14 '23 20:10 kareemassad

Hello,

EBay uses a two part authentication system. First, we need to get the user's consent (and specify scopes of the application), then we place the authorization code grant request to get a User access token and a refresh token. (I am following the docs here: https://developer.ebay.com/api-docs/static/oauth-consent-request.html, https://developer.ebay.com/api-docs/static/oauth-auth-code-grant-request.html.

Is it possible to support this? We would need to have a way to pass scopes. Would that be part of settings aswell?

Sorry for the questions!

Thanks!

kareemassad avatar Oct 24 '23 04:10 kareemassad

Is it possible to support this? We would need to have a way to pass scopes. Would that be part of settings aswell?

What you describe is regular OAuth2 functionality -- the other providers do similar things. I suggest you have a look at the OAuth2Provider class, specifically the get_scope() method. As you can see there, there is already a uniform way in which providers get ahold of the scopes, so this is not something you need a custom implementation for.

pennersr avatar Oct 24 '23 18:10 pennersr

I implemented some of the changes discussed. I wrote some tests (probably more than necessary), but I am not too sure how to test it

kareemassad avatar Oct 25 '23 00:10 kareemassad