Question

I am making an app that uses Kinvey as a backend. I want to access the Github api. I need the user to authenticate with OAuth. Can I do that with Business Logic? As far as I can tell, every request needs to be authenticated as a user, when Github redirects to my Business logic it won't have those credentials. I feel like I am missing something simple(never worked with oauth before).

Can this be done with Kinvey alone?

Was it helpful?

Solution

The OAuth2 callback does not have to be to Kinvey. If the user is interacting with the system and authorizing the token via OAuth, the redirect should actually be back to your web server - this way the user is redirected away from the authorization page, and back to your site. From there, you can get the token from the callback URL query string, make a request to store that token in Kinvey, and redirect the user to the appropriate page on your site.

If you are doing the server-side OAuth flow, you can set your callback to be any collection (you can create a dummy collection for this purpose.) Endpoints will not work for this, because endpoints only currently accept POST requests, and the OAuth2 callback is a GET request. In this use case, you would create a pre-save endpoint that receives the callback, obtains the token from the query string, and then does whatever processing it needs to do.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top