Vignette on authentication

[dmi3kno]

Looking through the issues list, there are some common confusion points around how authentication is supposed to work in httr. I think it would be really cool to write an informative vignettes with best practices and examples. I might be able to contribute, but I would rely on someone with more experience to front this piece of work.

I will leave some links to useful resources here:

• Oauth Bible
• Empirical Analysis of OAuth SSO Systems
• Google auth example
• Article in Rstudio KB

Related to #576, and more ...

[jennybc]

Related: gargle's vignette on how "it" (I? we?) think wrapper packages should handle auth:

https://gargle.r-lib.org/articles/gargle-auth-in-client-package.html

Obviously I had the luxury of focusing on Google API's, which makes it possible to be quite opinionated. But a lot of that translates to many, many other APIs.

[dmi3kno]

Google API is definitely well developed and relatively clean. I am working on some bizzare wrappers, where consistency is not the most remarkable feature. Having sad that, we definitely need to showcase gargle and rtweet as best practice examples. I would love to have more examples from other APIs, at least for those defined in httr::oauth_endpoints()

[hadley]

httr has been superseded in favour of httr2, so is no longer under active development. If this problem is still important to you in httr2, I'd suggest filing an issue offer there 😄 — but the dev version does already have a pretty decent vignette: https://httr2.r-lib.org/dev/articles/oauth.html. Thanks for using httr!