Comments (4)
and openid-connect should use the code authorization flow, since we can make use of refresh tokens. Therefore the user stays signedin until grant is revoked.
from balloon-client-desktop.
oAuth2Config must be replaced with:
"auth": { "basic": true, "oidc": [{ "provider": "google", "clientId": "", "authorizationUrl": "https://accounts.google.com/o/oauth2/v2/auth", "redirectScheme": "", "imgBase64": "iVBORw0KGgoAAAANSUhEUgAAAL8AAAAuCAYAAAB50MjgAAAIx0lEQVR4AezTRxEDUQxEQecAz+Z/ljlsDv8qE9B2Vw2DNycADu687rLuasVml9Z37hwRn2EYYi4Gtq5X338HuPV9/5uLgq3vrfNT4jUXB1vnp8R7Lg62zvP4QfwgfhA/iB/ED+IH8S/smwWM3cgZx0UVl1FQFFOZmZmZmZlemRldbl2eogs+8oFz5+tZl1FjVZYsyap7rqy+6rW+Os46TnxOnImzk3/z7NHMer37gkun/Uuz4PGbz/7mN9/3zWi3jSPc9PXPo3z7a7D03CfgwDMehYOvfv6pa5/Dcd/DrnZ1s4N/eX+GQ+9/Kw484UELW/meN2L5fyl2dbPQLvxtFGLpBU8RgJ++HZq8A7va1Y6Hf3kpx9JzHj8C/OBrXoDqcx/F4c98GMWrnqci/1tfBX5Thc1SWxeYxhGiKEIyy9BwSLFiCup6SGuOCy5eI/IogqTARitPfFA/RrOeD/IA2mQC089wVmIVZsJ3cTJDyTg2VW0GczKBZoVg2xH+Q5O3DaAvXvoMsH17x37cex0Of+y9mwp+FliYTCarGkFctpgrdbXumuamuNBqC1/Yc9FgI9XAFe82ZZ1lzAIPLg1RCVZZ5nX9hKY4U9UzH5r0mWpOlG8i/CnI3K7uodlu8J8sKY5888448OQH9OC/+GlYvjHFdhAvIzFhOmiUoiwzhI7RX9Momi4rZAiDCEXDNwTKWRQiySpstKo0RhinIjq28PT+vdN2FfxehjNSM4UuYDdphKIskPi2DB4p2zz4jblN4m2/yL/8j7fgxLW3wLHf3QrFC+6DY1dfge2itgj6ySI+FNoFLG0+gWY3gdXUh2mYiHImgY1cs494mgHbsWAQAjvMgTaHYxAYFkXg2d09mqbDCVPwtWsNuKYBi8Zou+eJurEsx4NrkT7j6BbivMFITQqb6DBpAt6vZFBj/vtU/F7ANXQQOwQDQ+RaMEwXeTN/Rl1GbE03EOZMwq+ZjrJNLCRli7WUB2Z/jx1jpWK7z5TurAEgskzoguj9dd2wkRRDTJssgm3owl8ENMoG/ioSD0Sbf16D6c59Y4j3Whv+Jo/78bT+/fyk2Br4T3j3m8PfteN77oKTy8tYrS9dxha2vTecwIaoTiQEhhMgr8aQpbQHgaYNAI5ETO58IgjRZKrXaapScN8G/WHJF6TsPsuw1FPlg0ZAtMkgC0kJuK3uXhslAJ774rMmCgAow/53KwIHg0f6iDw7ks8XzcBOIOBX13To0raLCmPNBn5ZX6lnKH8puwiLVgSgUPmQEDkfxEvFGqeDfvGzLHMG8Itsrha2sufO6i2A3729hP+E/xispcd/8cjC9t09DBulInaVQ0U09+JcRp7MM9Qkt1nv6ImBacUHewYi4O/7CRLRLxbLGJLxxCkADV/AXsDWBLRsRD9iq4+GSQPkErIJ/IKjTvoSxE4qAAw+WVmOtOr3nsGzt23rg/dq8inCMEQURd33tGrF4h76IxMZY2JG4GgRGP0z21HRj1wlIMLHWav6rTAXa17ALXw29CFHZPX+duJK3K+yO9uJ8H/jCoYNFSsR+y4MfUXUprMR/LyKoQlHtrJy8cfwq36krn7W8Ku6ewDtSFXs9FEtSUVk75vhT5F0dnUk9RrjqEwgwD5b2wpKL2ODgwEVaRvwMoQms89aG1Q2WoQAk/uRpB73iwC0DvxM+kEjRleumkRTmWLzy577Svjr6++GZT4ue179o6OD9rLvHx3A/zP3ODZCTZEiSaYoGkhV8gTDQNquA78uHD88JRnBLBbP2cNP0zOCH3UiNp39BNtxitDqf9dEyVJjbfj9AfxnbzvziIjYZf8qrEHdNEhcWQ7JMQX8Cl4Fv1hEGqbNavg1RGWj+tnYZwvh10m3fyLzRWAaMOxw8yP/8b+/sQM/2nN7PPtPT8UVUxen0yV+O4D/mnBjav6U6r2jnOkISAHGAF4ZtTQbBReLJXG2Dn7UcGW26sufOrZH2WsR/Bk/e/jFews7FjI22iON/FUCwxreCNBKGxP4YhDwleWW6vfSRp0yrQu/up/OGuWlLEXNt2DDe2zpL7jkinvh4X94Lh74hxfgqZe+Ef+t92M9HT56Eq/8oYr8TzjV5tc2QoPNkWGDUhfG3PFqEzqAV6R70W+B0pWgpQBLQUbwk4Xwqyi4GEARodfeeIrnrVU2GNoclTkqQhLT7k50zt52I/r7EsWhFE5/SiRsMwAtIkv5y6OO8LeCs566cvE6HoWpT+QpEu9KO1v225TClPOj4Fc+VOPNm+V6oLYhFlsIvqnwC73D/dwcfNmecdmbsfdGH6sVl1O89hfTQdT/0mXHsJFiRQJbncoIIChypiL3IPK0JTxT3a8p+PuotQr+IrTE5xfAb/gi8vvypEMCaIgSbE0A1QmR4WUSSo+osm29ccrYUfV52pyTbfAKgWOuOjAgcMMU0jSvEdgE6h4NbpRhpfLIhbbS/3aASpLKMfMtqPGF74mHZuxDcYhBZQDoA5uLrOHAVsCfHy3wuIteLeBX7flXvBMf+es38fF938Irr5501x70+1fgUd+6vgP/Wd84gv2HOTZDvG3BGANrF9triwRBlHX3cbSYishrBjl2nFoGxtoL4Tzhu3ahf9tTjS8ao2nG/ucVQj9C2bTgnKNO/cG+a33Nn2luk2/9H7aFS//Eky95vQD/9O0Zv/oNgn8vbzdaEKjTBHk6JEqDXW2AytCUpZVhqHN7J6l21p80Z0cO4C3Xfeq04L/wynfjhvJf2JZiJUJqg+gaNE2HYVGkNceuNkotssiDSXRomgadWAim5c79Z5boYILP/e0HePU1H8bjL34NHvHnl+HZl78NH9v3LVz7n33gJ//f3r1aIQwDYBjlDQt0D1zZCsbKbOATWfKSxKFy7j3nV7WfbBIx4RgjiB/ED+IH8YP4QfwgfhA/fyH+W0rpvcGkSt+jN7kuIYRXjPGzTQZK17nvZ+l898Mhb8m75615j0lmtvaul9r5QPlwzrtMNrNz7xv4AnoIRo6yhoDGAAAAAElFTkSuQmCC" }] }
from balloon-client-desktop.
check out:
https://github.com/openid/AppAuth-JS
https://stackoverflow.com/questions/45264213/oauth2-openid-connect-javascript-electron-desktop-application/45278469#45278469
https://stackoverflow.com/questions/45242249/using-openid-connect-for-authentication-spa-and-rest-api/45250836#45250836
from balloon-client-desktop.
- once auth type has been choose it gets stored under config.auth oidc|basic
- multiple oidc can be configured (wiki coming)
- basic auth is the default and turned on (could also be disabled)
- if basic auth is disabled and only one oidc provider is setup, you won't see the login screeen, it goes directly to your IdP
- if oidc is choosen, the provider gets stored under config.oidcProvider and the provider automatically gets called for new tokens, you will not see the login window anymore from the setup
- accessToken, refreshToken and passwords are now stored in the os keyring
- keyring is optional for the node sync module, since it checks config first if their available as plains (but needed in combination with the desktop client)
from balloon-client-desktop.
Related Issues (20)
- Linux cleanup after uninstall HOT 1
- Uninstaller for OSX HOT 2
- Logger can't serialize BigInt's
- Logger can't serialize BigInt II
- Identify instance with user id instead of username HOT 1
- ENOTEMPTY after login
- Whenever a login is verified, the username should be checked
- Handle os x special folders like .app
- Trailing slash in server url leads to error HOT 1
- `setTemplateImage` function is deprecated
- Changing server fail HOT 1
- Use Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() over new Buffer()
- Loading non context-aware native modules in the renderer process is deprecated HOT 1
- Support authorization code flow in balloon v3 HOT 1
- Migrate to balloon-sdk-node for server communication
- Change wizard finish page message
- Unhandled promise rejection if build without releaser
- Add AppImage package and enable autoupdate for linux (If installed using appimage)
- Client forgets server settings
- ESOCKETTIMEOUT during move operation
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from balloon-client-desktop.