gotosocial icon indicating copy to clipboard operation
gotosocial copied to clipboard

Published 20 hours ago verified publisher icon superseriousbusiness

[feature] Support for oauth redirect_uri `urn:ietf:wg:oauth:2.0:oob`

Open tsmethurst opened this issue 3 years ago • 1 comments

This is the mechanism Mastodon uses to allow users to request tokens to pass to external apps and bots that can't go through the normal browser webflow.

The oauth library we're using in GoToSocial doesn't yet support this, so we need to look into hacking around it.

tsmethurst avatar Jul 22 '21 08:07 tsmethurst

When I try to get connected from a browser on a computer using Chromium or Firefox that url isn't understood and clients like toot can't get authorized.

ffuentese avatar May 01 '22 02:05 ffuentese

Is there a work-around for this? The README implies compatability; can anyone use any Mastodon client with GoToSocial without this?

xxxserxxx avatar Oct 04 '22 01:10 xxxserxxx

can anyone use any Mastodon client with GoToSocial without this?

Yes, clients that don't use oob tokens still work fine (pinafore, tusky, etc), with no additional steps or workaround required.

If you need the token separately, the workaround is currently to log in with something like pinafore and check your network requests for the Authorization: Bearer [token] header. It's not ideal but it works until we get this properly implemented :)

tsmethurst avatar Oct 04 '22 09:10 tsmethurst

I'd been using Fedilab (Android) with a mastodon.social account. It does connect and authenticate to gotosocial; I was able to change my avatar through the app as well. Any other changes (unlocking the account, setting posts to public, making the account findable) all resulted in an error on the server:

timestamp="04/10/2022 01:55:07.959" func=router.loggingMiddleware.func1 level=INFO latency=1.132434ms clientIP=10.0.2.100 userAgent=okhttp/3.14.9 method=PATCH status
Code=400 path=/api/v1/accounts/update_credentials msg="Bad Request: wrote 160B"

I did a quick search in the issues and didn't find a match, so I'm still not sure if this is just a weird interaction between Fedilab and gotosocial, or something else.

The issue is that's 2-for-2 of the clients I use that don't work with gotosocial and I'm not sure where to go from here.

xxxserxxx avatar Oct 04 '22 19:10 xxxserxxx

Bad request, hmm.... Will have to debug this one.

For clients, there are still plenty that work, but I can understand it's a bit frustrating when your fave clients don't. Did you try the latest version of Fedilab? See https://github.com/superseriousbusiness/gotosocial/issues/521#issuecomment-1193346376

If it still doesn't work, I'll open an issue to investigate fedilab incompatibility :)

tsmethurst avatar Oct 05 '22 09:10 tsmethurst

Hm. The last post on that ticket mentions Fedilab 3.0.10 working; I'm running Fedilab 3.3.0, so maybe there's been a regression.

I'll change the log level on gotosocial and open a (different) ticket with more information.

UPDATE #895

xxxserxxx avatar Oct 06 '22 16:10 xxxserxxx

I've confirmed that #889 works with tut and gomphotherium. Thank you!

xxxserxxx avatar Oct 11 '22 09:10 xxxserxxx