Alternative way to sign the user in
For context: Slack has two OAuth systems in place:
- OpenID-compatible one, designed purely for user authentication (“Sign In With Slack”). This is what this PR https://github.com/wasp-lang/wasp/pull/2764 adds to Wasp.
- general API access one, designed for issuing bot- and user-tokens.
Of course, supported scopes are very different and they also use separate endpoints for receiving access tokens.
When user goes through this second OAuth flow (for example, slack app installation into workspace goes through this flow), resulting access_code can be technically used to authenticate the user as well (user/workspace info is returned in the code exchange call). Note that since the token exchange endpoint is different to the sign in endpoint, Slack Auth Provider can't be re-used here - this needs to be a separate call.
Now, here is the user experience I am after:
- User can go to the website and click "Sign in with Slack" or
- User can install an app from the Slack Marketplace, and automagically get redirected to the website after install, including being already sign-in
The missing piece now is just creating session token and getting it to the FE with minimal effort. I would need to find or create authId, then create one time code and pass it to FE. However, this internal auth functionality is mainly encapsulated in the Wasp internals, so it's rather hard to extend it to the outside (at least I didn't found a way to do this yet).
Is there a way of "manually" signing user in, that I'm not aware of? If not, how would we extend SDK to do this?
- OpenID-compatible one, designed purely for user authentication (“Sign In With Slack”). This is what this PR https://github.com/wasp-lang/wasp/pull/2764 adds to Wasp.
- general API access one, designed for issuing bot- and user-tokens.
Of course, supported scopes are very different and they also use separate endpoints for receiving access tokens.
When user goes through this second OAuth flow (for example, slack app installation into workspace goes through this flow), resulting access_code can be technically used to authenticate the user as well (user/workspace info is returned in the code exchange call). Note that since the token exchange endpoint is different to the sign in endpoint, Slack Auth Provider can't be re-used here - this needs to be a separate call.
Now, here is the user experience I am after:
- User can go to the website and click "Sign in with Slack" or
- User can install an app from the Slack Marketplace, and automagically get redirected to the website after install, including being already sign-in
The missing piece now is just creating session token and getting it to the FE with minimal effort. I would need to find or create authId, then create one time code and pass it to FE. However, this internal auth functionality is mainly encapsulated in the Wasp internals, so it's rather hard to extend it to the outside (at least I didn't found a way to do this yet).
Is there a way of "manually" signing user in, that I'm not aware of? If not, how would we extend SDK to do this?
GitHub
Description
Describe your PR! If this PR closes an issue, use “Fixes #(issue_number)" syntax so GitHub will auto-close it when merged.
Select what type of change this PR introduces:
Ju...
Describe your PR! If this PR closes an issue, use “Fixes #(issue_number)" syntax so GitHub will auto-close it when merged.
Select what type of change this PR introduces:
Ju...
