loris Posted January 22, 2013 Share Posted January 22, 2013 In order to build workflows that use third-party APIs, we sometimes need to authenticate the users. At the moment, we can ask the user for its credential and store them in the workflow settings. That is not cool. Futhermore, some API service are now OAuth only and won't let developers log users using their private credentials. My request is to give workflow developers a way to handle OAuth, especially the token response. The easiest way I see to implement that would be to extend alfred URI scheme to workflows. For instance, I have a workflow with the following bundle id: "com.foobar.bundle", with a single "foobar.php" php file inside the workflow folder. I could give to the third-party API the following URI as the OAuth return url: alfred://com.foobar.bundle/foobar.php The foobar.php script would then be able to get the token parameters and finalize the authentication. Link to comment
jdfwarrior Posted January 23, 2013 Share Posted January 23, 2013 I've brought this up to Andrew in the past for working on things like my AlfredTweet workflow/extension. Twitter for example, I just redirected the user to a page I controlled that started the oauth flow, allowed them to authenticate to Twitter, and then either returned the oob pin code, or just returns the tokens directly and asks the user to paste them back in. Obviously, you don't want to store username and password and such in plaintext in settings or something, but what about using the security command to save them in the keychain? It can be done very easily. Reading from the keychain is easy as well. If the user knows to only click the "Allow" button and not "Always Allow" then it would always prompt the user before it accessed the keychain. I know this isn't the best flow for the end user, but it works.. Link to comment
loris Posted January 23, 2013 Author Share Posted January 23, 2013 Yeah, I know about keychain and the oob pin code concerning Twitter. I know this is not perfect for the user but it works! What i am more concerned about is the growing number of APIs (Facebook, Google, Pocket to name just a few) that just won't let you use authentication with PIN code or classic login/password. Link to comment
altryne Posted March 29, 2013 Share Posted March 29, 2013 (edited) I've brought this up to Andrew in the past for working on things like my AlfredTweet workflow/extension. Twitter for example, I just redirected the user to a page I controlled that started the oauth flow, allowed them to authenticate to Twitter, and then either returned the oob pin code, or just returns the tokens directly and asks the user to paste them back in. Obviously, you don't want to store username and password and such in plaintext in settings or something, but what about using the security command to save them in the keychain? It can be done very easily. Reading from the keychain is easy as well. If the user knows to only click the "Allow" button and not "Always Allow" then it would always prompt the user before it accessed the keychain. I know this isn't the best flow for the end user, but it works.. Yeah, I know about keychain and the oob pin code concerning Twitter. I know this is not perfect for the user but it works! What i am more concerned about is the growing number of APIs (Facebook, Google, Pocket to name just a few) that just won't let you use authentication with PIN code or classic login/password. I have done an Pocket oAuth flow without asking the user for his credentials. The way I do it is a bit complicated but it works, and is transparent to the user. The workflow post is here : http://www.alfredforum.com/topic/1618-pocket-workflow-with-oauth-login/ Edited March 29, 2013 by altryne Link to comment
mihahribar Posted July 11, 2013 Share Posted July 11, 2013 Is there any news on this feature? I would love to build a proper OAuth flow instead of hacking it together and making the user do silly things... Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now