Oauth without callbacks question

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Oauth without callbacks question

Mariano Martinez Peck
Hi guys,

I am trying to use OAuth (as a client) to a OAuth server in which the callbacks are a bit messy. So for the moment, assume I cannot specify a callback. So the only option I have right now (this is a prototype anyway) is to copy and paste the "verifier" so that I can later get the access token. I am basing my code in Sven's great Seaside demo. However, and here is the problem, he does this to go to the authentication page:

self requestContext
redirectTo: (self oauthService loginUrlFor: requestToken) ; 
respond.

What happens here in my app, is that the browser redirects of course to the OAuth authorization server where I finally can see the verifier code. But...say I have to enter this code in my app...there is no way (as far as I understand) to map it to the (previously stored somewhere) request token. So I don't know which request token to use.

So I think the only option is that the above redirect in fact opens another tab in the browser and that my seaside apps holds into the current request token. Somehow, I would like seaside to then ask for a verification code or something...

Is that possible? Any idea how can achieve that?

Thanks in advance, 

--
Mariano
http://marianopeck.wordpress.com

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: Oauth without callbacks question

Sven Van Caekenberghe-2

On 29 Apr 2014, at 22:46, Mariano Martinez Peck <[hidden email]> wrote:

> Hi guys,
>
> I am trying to use OAuth (as a client) to a OAuth server in which the callbacks are a bit messy. So for the moment, assume I cannot specify a callback. So the only option I have right now (this is a prototype anyway) is to copy and paste the "verifier" so that I can later get the access token. I am basing my code in Sven's great Seaside demo.

It is actually Jan van de Sandt's code, he's the guru - I would hope that he can help because this is quite complex and hard to follow. It does of course not help that you seem to be trying to talk to a non-public OAuth service that acts a bit weird.

> However, and here is the problem, he does this to go to the authentication page:
>
>
> self requestContext
> redirectTo: (self oauthService loginUrlFor: requestToken) ;
> respond.
>
> What happens here in my app, is that the browser redirects of course to the OAuth authorization server where I finally can see the verifier code. But...say I have to enter this code in my app...there is no way (as far as I understand) to map it to the (previously stored somewhere) request token. So I don't know which request token to use.
>
> So I think the only option is that the above redirect in fact opens another tab in the browser and that my seaside apps holds into the current request token. Somehow, I would like seaside to then ask for a verification code or something...
>
> Is that possible? Any idea how can achieve that?
>
> Thanks in advance,
>
> --
> Mariano
> http://marianopeck.wordpress.com
> _______________________________________________
> seaside mailing list
> [hidden email]
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: Oauth without callbacks question

Johan Brichau-2
In reply to this post by Mariano Martinez Peck
Hi Mariano,

I must say I have a bit of difficulties to understand what control flow you are trying to achieve.
But, as you mention, is this not just a two-step process then:
- ask for the code in the app
- do the redirect

something like:

anchor
     callback:[ requestcode:= self call: InputDialogWindow. self requestContext redirectTo: (self oathService loginUrlFor: requestcode)];
     with: 'login'

But I'm probably missing something in your question as I have never used OAuth...
Johan

On 29 Apr 2014, at 22:46, Mariano Martinez Peck <[hidden email]> wrote:

> self requestContext
> redirectTo: (self oauthService loginUrlFor: requestToken) ;
> respond.
>
> What happens here in my app, is that the browser redirects of course to the OAuth authorization server where I finally can see the verifier code. But...say I have to enter this code in my app...there is no way (as far as I understand) to map it to the (previously stored somewhere) request token. So I don't know which request token to use.
>
> So I think the only option is that the above redirect in fact opens another tab in the browser and that my seaside apps holds into the current request token. Somehow, I would like seaside to then ask for a verification code or something...

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: Oauth without callbacks question

Mariano Martinez Peck
Hi guys,

Indeed, it was nothing strange what I seemed to need. The thing is that OAuth get's a bit complicated when you don't use the OAuth callbacks.
Sorry to bother you. It is working now!!! 

Thanks!


On Wed, Apr 30, 2014 at 3:19 PM, Johan Brichau <[hidden email]> wrote:
Hi Mariano,

I must say I have a bit of difficulties to understand what control flow you are trying to achieve.
But, as you mention, is this not just a two-step process then:
- ask for the code in the app
- do the redirect

something like:

anchor
     callback:[ requestcode:= self call: InputDialogWindow. self requestContext redirectTo: (self oathService loginUrlFor: requestcode)];
     with: 'login'

But I'm probably missing something in your question as I have never used OAuth...
Johan

On 29 Apr 2014, at 22:46, Mariano Martinez Peck <[hidden email]> wrote:

>       self requestContext
>               redirectTo: (self oauthService loginUrlFor: requestToken) ;
>               respond.
>
> What happens here in my app, is that the browser redirects of course to the OAuth authorization server where I finally can see the verifier code. But...say I have to enter this code in my app...there is no way (as far as I understand) to map it to the (previously stored somewhere) request token. So I don't know which request token to use.
>
> So I think the only option is that the above redirect in fact opens another tab in the browser and that my seaside apps holds into the current request token. Somehow, I would like seaside to then ask for a verification code or something...

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside



--
Mariano
http://marianopeck.wordpress.com

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside