[英]How does oauth2 redirect url work for desktop applications?
For people who work with desktop applications, how do they handle oauth2 flows for third party services that need a redirect url? 对于使用桌面应用程序的人,他们如何处理需要重定向URL的第三方服务的oauth2流?
I'd like to authenticate users through Discord's oauth2 login. 我想通过Discord的oauth2登录名对用户进行身份验证。 But I'm working on a desktop app, with no webservice behind it.
但是我正在开发一个桌面应用程序,其背后没有任何网络服务。
I've read about the redirect scheme that looks like, 我已经阅读了有关重定向方案的内容,
urn:ietf:wg:oauth:2.0:oob
But discord says it's a non matching redirect url after logging in through oauth2 . 但是Discord表示,这是通过oauth2登录后的不匹配重定向网址 。
If you use a desktop application you have a couple of choices: 如果您使用桌面应用程序,则有两种选择:
localhost
as redirectUri. localhost
用作redirectUri。 The downside is that you will usually need to also supply the port number in the list of allowed redirect Uris and you won't necessrily know if a certain port is available on the client. urn:ietf:wg:oauth:2.0:oob
instructs the server not redirect the user at all but output the code in the browser windows title. urn:ietf:wg:oauth:2.0:oob
指示服务器根本不要重定向用户,而是在浏览器窗口标题中输出代码。 If you have the appropriate permission to read other windows title then you can autodetect changes there. state
to you to which you send the user. state
。 Then the authentication service will send your user back to your webservice which again reports the code to your application eg by means of long polling, web sockets, or a real TCP connection which is kept open during the whole process.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.