StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POHow to deal with oAuth callbacks to non webservers?
primarykey
Id
20850010
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
2
CommunityOwnedDate
CreationDate
2013-12-31T00:48:47.577
FavoriteCount
0
LastActivityDate
2013-12-31T01:01:35.933
LastEditDate
2013-12-31T01:01:35.933
LastEditorUserId
1007680
OwnerUserId
1007680
ParentId
0
PostTypeId
1
Score
0
ViewCount
72
LastEditorDisplayName
text
Body
I'm currently building an oAuth2 server so that external clients/devices can access data from my service without having to send over user credentials with every request. I've finally grasped how oAuth works after spending an entire day reading numerous tutorials and online documentation, however, there's still one thing that I'm rather unsure of... When sending a request for an authorization code to an oAuth server, how should I deal with a callback to mobile devices and devices that aren't a webserver? E.g. this request to my oAuth server will send an authorization code as a callback to a specified webserver (<a href="http://client-url.com" rel="nofollow">http://client-url.com</a> in this case) <pre><code>http://mydomainname/oauth2/?client_id=test&grant_type=authorization_code&client_details=test&redirect_uri=http://client-url.com&response_type=code </code></pre> The server at <a href="http://client-url.com" rel="nofollow">http://client-url.com</a> will receive a response containing an authorization code and the developer will be able to store a user's oAuth credentials accordingly. Obviously a mobile device isn't a webserver, so is there a standardised way of dealing with this? I've read online that you can define something called a custom URI scheme within iOS and Android apps. But what about the other mobile platforms out there? And desktop apps? I want my API to be accessible from as many platforms and devices as possible. The reason why I'm asking this question is because I want to add validation to my oAuth server so that users can only register apps with valid callback URL's. I wasn't sure if should allow any other type of input as a callback apart from a valid URL. Can anyone shine any light on this? I want to avoid spending hours validating and testing this across all devices as I'm sure anyone that has developed for multiple mobile platforms in the past must have some knowledge about this. Thanks in advance.
Tags
<web-services><oauth><oauth-2.0><oauth-provider><mobile-devices>
Title
How to deal with oAuth callbacks to non webservers?
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USJoel Murphy
UserOwnerUserId
1. USJoel Murphy
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.