You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jun 15, 2024. It is now read-only.
I don’t know if this is possible to be done on a mass scale, but I’m thinking about some way where a user is redirected to their Authorization Endpoint, it provides a “login via mobile” button. When clicked, the authorization endpoint would ping Indigenous’ server and send a push notification to the phone.
The push notification would allow the user to “authorize” login. When clicked, it would then ping the authorization server back. This would require two things, an initial “state” code from the IndieAuth server to verify the it received it, and an access token with a scope that is essentially “external authorization”.
When the IndieAuth authorization server receives both the original state back, an access token with a scope of “external authorization”, and client_id that matches the access token, the user is automatically logged in.
The next question regarding this is, is this just to be able to log in to the authorization server (like logging in to eddiehinkle.com?) or actually fulfilling the role of the authorization server (where the requesting client information actually displays in the app with the scopes, etc) and allows the user to do the actual authorization on mobile, where the desktop would then automatically redirect the user back to the original requesting client.
The text was updated successfully, but these errors were encountered:
I don’t know if this is possible to be done on a mass scale, but I’m thinking about some way where a user is redirected to their Authorization Endpoint, it provides a “login via mobile” button. When clicked, the authorization endpoint would ping Indigenous’ server and send a push notification to the phone.
The push notification would allow the user to “authorize” login. When clicked, it would then ping the authorization server back. This would require two things, an initial “state” code from the IndieAuth server to verify the it received it, and an access token with a scope that is essentially “external authorization”.
When the IndieAuth authorization server receives both the original state back, an access token with a scope of “external authorization”, and client_id that matches the access token, the user is automatically logged in.
The next question regarding this is, is this just to be able to log in to the authorization server (like logging in to eddiehinkle.com?) or actually fulfilling the role of the authorization server (where the requesting client information actually displays in the app with the scopes, etc) and allows the user to do the actual authorization on mobile, where the desktop would then automatically redirect the user back to the original requesting client.
The text was updated successfully, but these errors were encountered: