What to do with the Redirect URL with a Python Script?

dylxntwitch · December 19, 2022, 5:01pm

Making a Python Script that needs the User Access Token.
Needs perms, so I gotta go through the whole oAuth thing.
The script works if I just use my own tokens from my account I used via. Tokengen, but I’m trying to make this useable by other people.
Says I need a redirect link, however to get the token from the user I can’t use localhost:3000
Does that mean I need to buy a website url just to be able to recieve the tokens ?
Not sure if I’m missing an alternative to recieving these tokens, but the others seem to just be only for the standard App tokens and not for User Access Ones.

thanks <3

BarryCarlyon · December 19, 2022, 5:04pm

basically yes.

if you want tokens from other people, then you need a thing that is web accessable (aka public) to those users.

oAuth requires a user to manually take steps to grant access between the user and your ClientID via a Web Browser.

dylxntwitch · December 20, 2022, 12:25pm

Ah that sucks, I presume their isn’t an alternative. Thanks !

BarryCarlyon · December 20, 2022, 12:37pm

Well this is how oAuth works.

The only alternative is inside of the user using a webpage to provide tokens.

They use a tool to generate a token and then copy/paste the token to you. Which then comes with copy/paste error issues.

If this is a script that you pass to others to run, then you can start a temp web server to capture the token (this is what the CLI does).

But if you retain running the script then you need some way to generate or obtain a token.

dylxntwitch · December 20, 2022, 7:26pm

wait, i AM passing the script to other people.
What is this CLI thing then? Never heard of it before.

BarryCarlyon · December 20, 2022, 7:28pm

Then if the script is being distrubuted.

You would be using oAuth implicit auth only (to prevent leaking your client secret).

You would then want to use the “temporary webserver” approach.
So that when a user clicks “auth” it starts a temporary web server to capture the token with.
And the redirect URI for that is gonna be http://localhost:someport
Just pick your port wisely

dylxntwitch · December 20, 2022, 7:42pm

Will have to look into this when I get the time, thank you so much for your help and the fast responses

dylxntwitch · December 20, 2022, 7:43pm

Sorry, just to ask, with Implicit Auth I can still get the user tokens right ?
like, I can still retrieve params and stuff

BarryCarlyon · December 20, 2022, 7:44pm

Ignoring OIDC There are three kinds of oAuth

Implicit
code
client credentials

implcit and code auth provide user tokens.

system · January 19, 2023, 7:45pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.