Trying to implement either a Login With Twitch or Link Twitch Account feature over pure HTTP. On my local machine, I have a RESTful web service running. One of the ports it listens on is port 80, and typing http://localhost in a browser does in fact make a GET request to my local service.
Now… making a GET request to https://api.twitch.tv/kraken/oauth2/authorize?response_type=code&client_id=<MY_CLIENT_ID>&scope=user_read&redirect_uri=http://localhost, along with the Authorization header containing Bearer <MY_OAUTH_TOKEN> does in fact return me an HTML Twitch login page. This page seems to be custom-tailored with my client ID stitched into the code.
So I took the output, pasted it into a Login.html file, opened it in my browser, filled in my details, clicked the Login button, and then nothing happens. The button says Sending…, but no further HTTP traffic occurs on my machine.
It does not work the way you are trying to do it since OAuth requires a browser to authorize the application. You need to redirect the user to Twitch to authorize and then Twitch will redirect back to your web application to provide the OAuth token or code.
Browser or no browser, shouldn’t there be some sort of HTTP traffic occurring after hitting the Login button?
Chrome developer tools doesn’t even see a POST request from it.
I’m fairly sure this is possible, since these sort of twitch connections also exist in browserless games (which is my main reason for doing this).
Ah-ha! I think I’ve figured it out. I needed to change response_type to token instead of code. Chrome dev tools now shows an HTTP POST request to http://localhost/sessions/new and http://localhost/client_event/new, so now it’s simply a matter of getting my web service to receive it instead.