/tg/ OAuth2.0 User API Documentation
Posted: Sat Oct 30, 2021 5:22 pm
This is in its early stages. OAuth application registration requires a manual process only I can do; a self-serve system may or may not get coded at some later point in time.
(Warning: per the OAuth2 spec, attempting to double-spend the initial authorization code grant invalidates the entire authorization grant and all tokens/refresh tokens issued by it. As an additional security measure, the same applies to refresh tokens.)
For more info on how to interface with OAuth2 APIs, see this page: https://aaronparecki.com/oauth-2-simplified
User endpoint:
https://tgstation13.org/phpBB/app.php/tgapi/user/me
Only bearer token authorization is supported. (see here for more details)
Response(json):
Group type:
Basic details: (for people who know how to use OAuth apis)
Auth endpoint: https://tgstation13.org/phpBB/app.php/tgapi/oauth/auth
Token endpoint: https://tgstation13.org/phpBB/app.php/tgapi/oauth/token
User endpoint: https://tgstation13.org/phpBB/app.php/tgapi/user/me
- Token format: bearer (length between 40 and 50 characters currently, never more than 255 in the future, but even 128 would be stretching it)
- Token TTL: app defined.
- Token endpoint supports url-form-encoded and json encoded POST bodies.
- Token endpoint does NOT support authorization header client authentication (pass the credentials as client_id and client_secret in the form-encoded POST body or the JSON body).
- Refresh tokens: supported; single-use, rotating refresh tokens.
- Redirect URIs must be pre-registered and must match exactly. If a redirect_uri is provided to any of the OAuth endpoints, it is validated against the registered redirect URI, but the parameter is optional.
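A client-side sketch of the rules above, added here as an example and not code from this API's author: credentials go in the POST body, and a refresh token is never sent twice, since reuse revokes the whole grant. It only builds requests (nothing is sent); the class and function names are hypothetical, and the token response is assumed to use the standard RFC 6749 field names (access_token, refresh_token, token_type).

```python
import json
import urllib.parse
import urllib.request

TOKEN_URL = "https://tgstation13.org/phpBB/app.php/tgapi/oauth/token"
USER_URL = "https://tgstation13.org/phpBB/app.php/tgapi/user/me"


def token_request(grant_params, client_id, client_secret):
    """Build (not send) a form-encoded token POST with credentials in the body."""
    body = dict(grant_params, client_id=client_id, client_secret=client_secret)
    data = urllib.parse.urlencode(body).encode()
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    # No Authorization header: header-based client authentication is unsupported.
    return urllib.request.Request(TOKEN_URL, data=data, headers=headers, method="POST")


def user_request(access_token):
    """Build the bearer-authenticated GET for the user endpoint."""
    return urllib.request.Request(USER_URL, headers={"Authorization": f"Bearer {access_token}"})


class TokenState:
    """Holds the current token pair and refuses to send a refresh token twice."""

    def __init__(self, access_token, refresh_token):
        self.access_token = access_token
        self.refresh_token = refresh_token
        self.spent = set()  # refresh tokens already handed to a request

    def refresh_request(self, client_id, client_secret):
        if self.refresh_token is None or self.refresh_token in self.spent:
            # Replaying a spent token would invalidate the whole grant server-side.
            raise RuntimeError("refresh token already used; re-authorize instead of retrying")
        self.spent.add(self.refresh_token)
        params = {"grant_type": "refresh_token", "refresh_token": self.refresh_token}
        return token_request(params, client_id, client_secret)

    def apply_response(self, raw_json):
        """Store the rotated pair from a token response (assumed RFC 6749 fields)."""
        tokens = json.loads(raw_json)
        if tokens.get("token_type", "").lower() != "bearer":
            raise ValueError("unexpected token_type")
        self.access_token = tokens["access_token"]
        self.refresh_token = tokens["refresh_token"]
```

Marking the token as spent before the request goes out is deliberately conservative: if the response is lost, the client re-runs the authorization flow rather than retrying with the old refresh token.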