Topic on Talk:OAuth/For Developers

Registering single copies of desktop or mobile apps

2 comments • 09:57, 13 May 2017 6 years ago

2

Damian Yerrick (talkcontribs)

From OAuth/For Developers:

Intended Users

[...]

But not...
- Desktop applications (the Consumer Secret needs to be secret!). Some alternatives are being considered. See past discussions:

The first discussion recommends the following:

The best workaround now is probably to have each user register their copy of your desktop application as its own consumer.

The second discussion recommends making a generic "desktop application" consumer, which the server administrator never ended up implementing.

Thus each user of a desktop or mobile application will be forced into the flow to register an owner-only consumer. This means that the flow through meta:Special:OAuthConsumerRegistration/propose must be as painless as possible. So is there a way for a desktop or mobile application to tell the user's default web browser to open meta:Special:OAuthConsumerRegistration/propose with prefilled values in the "New OAuth consumer application" fields, to which the user can check the box for acceptance of terms and then activate the "Propose consumer" button to submit the form? Would I need to request this at Phabricator? Or is prefilling a bad idea to start off with? --~~~~

Reply 17:18, 23 June 2016 7 years ago

Tgr (WMF) (talkcontribs)

Most MediaWiki form fields can be preloaded and the OAuth registration form is no exception. Just check field names in the HTML source and use query parameters to give them a default value. E.g. https://meta.wikimedia.org/w/index.php?title=Special:OAuthConsumerRegistration/propose&wpname=My+OAuth+app&wpdescription=Foo+bar&wpownerOnly=1&wpagreement=1 It's not possible to do that for the grants checkbox list though. (Filed as T165217.)

Also filed T165219 as a more experimental idea.

Reply 09:57, 13 May 2017 6 years ago

Reply to "Registering single copies of desktop or mobile apps"