-
Notifications
You must be signed in to change notification settings - Fork 256
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Mastodon implementation misses the point #264
Comments
I see, thanks for the feedback. Grant tries to make certain developer workflows easier, for example having your OAuth app credentials on startup, but that is not a requirement. For Mastodon specifically there is no default domain set, for that same reason that you mention above: Lines 625 to 630 in 0ba063b
What that means is that you have to either use the {
"defaults": {
"origin": "https://your-proxy.com",
"prefix": "/login",
"transport": "querystring"
},
"mastodon": {
"dynamic": [
"subdomain",
"key",
"secret",
"scope"
],
"response": ["tokens"],
"callback": "https://your-app.com/callback"
}
} Then the workflow is as follows:
Let me know if that helps. |
Grant requires to provide keys and the instance to log in to at initialization. This is not how Mastodon, or pretty much any federated social network works. The fundamental rule of Mastodon is, there's no single instance of it, anyone can set up their own instance, and communicate flawlessly with people from other instances. Per Mastodon docs: "The user must be able to login to any Mastodon server from the app. This means you must ask for the server's domain and use the app registrations API to dynamically obtain OAuth2 credentials.". The box is ticked on provider list, but the implementation is just nonsense.
The text was updated successfully, but these errors were encountered: