oAuth Integration

oAuth Basics:

• Client after clicking oAuth provider link, authorization url is hit with (provider-id, provider-secret) and provides client-access-code if client provides authorization.
• Then client-token is generated from provider's end using (provider-id, provider-secret, client-access-code)
• This client-token is used to access provider's API on client behalf by the host API.

oAuth Resources:

• https://blog.miguelgrinberg.com/post/oauth-authentication-with-flask
• https://realpython.com/flask-google-login/
• https://rauth.readthedocs.io/en/latest/

---

General Info:

• Development Callback URL: http://localhost:5000/oauth/callback/<PROVIDER>
• Production Callback URL: https://auth-api-flask.herokuapp.com/oauth/callback/<PROVIDER>

---

Facebook (Auth-API)

• https://developers.facebook.com/apps
• https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/
• https://developers.facebook.com/docs/facebook-login/access-tokens

Twitter (Auth-API-flask)

• https://developer.twitter.com/en/apps
• https://developer.twitter.com/en/docs/basics/authentication/oauth-1-0a
• https://developer.twitter.com/en/docs/basics/authentication/oauth-1-0a/obtaining-user-access-tokens

Github (Auth-API)

• https://github.com/settings/developers
• https://developer.github.com/apps/building-oauth-apps/creating-an-oauth-app/
• https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/

Google (Auth-API)

• https://console.cloud.google.com/home
• https://accounts.google.com/.well-known/openid-configuration
• https://developers.google.com/identity/protocols/oauth2/openid-connect
• https://developers.google.com/identity/protocols/oauth2

LinkedIn (Auth-API)

• https://www.linkedin.com/developers/apps
• Created a company page and verify the app as an admin of that company.
• https://docs.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow
• https://docs.microsoft.com/en-gb/linkedin/consumer/integrations/self-serve/sign-in-with-linkedin