28 lines
942 B
Org Mode
28 lines
942 B
Org Mode
|
:PROPERTIES:
|
||
|
:ID: 0dceeeca-7c23-41a8-b9dc-4642a09618db
|
||
|
:END:
|
||
|
#+title: Custom Routes
|
||
|
#+Author: Yann Esposito
|
||
|
#+Date: [2022-10-17]
|
||
|
|
||
|
- tags :: [[id:ce893df9-32a4-44e0-9eb5-b9817141ee6a][cisco]]
|
||
|
- source :: https://github.com/advthreat/iroh/issues/5411
|
||
|
* Reference
|
||
|
|
||
|
https://github.com/advthreat/iroh/issues/5411
|
||
|
|
||
|
|
||
|
We propose to provide two new endpoints to simplify and standardize this
|
||
|
integration system.
|
||
|
|
||
|
- ~POST /iroh/oauth/custom/code~ that could only called using a user's JWT with
|
||
|
the ~oauth:write~ scope. Given a ~client-id~ it will grant that client
|
||
|
(no need to pass via the CSRF token step) and returns a code
|
||
|
(directly and not a URL the client would need to parse)
|
||
|
- ~POST /iroh/oauth/custom/tokens~ that could only be called using a user's JWT
|
||
|
with the ~oauth:write~ scope.
|
||
|
|
||
|
This route also need a ~client_id~, ~client_secret~.
|
||
|
This will grant the client on behalf of the user and returns a classical ~/token~
|
||
|
response.
|