I have a single-page app that’s written in rust and served from github pages or bundled as a native executable using web-view.
My app requires the client to log in with twitch but I’m facing an issue with the implicit auth flow - namely the way the api works (using redirect urls) can’t work for my app when it’s packaged into a native binary (no web server involved in both cases) and possibly for the case where I serve my app as separate files (still statically) using github pages.
How do I get around this?
If I recall correctly what chatterino does to get around this is have a separate web service that uses the implicit auth flow and serves a page with the client id & secret for the user to copy, and then the native app can extract the relevant values from the clipboard.
The main caveat with the approach I detailed above is that sensitive values can be shown on stream by mistake.
Is that my only option or am I missing something?