How to use OAuth without authorization

Magnus21 · wrote on 8 Jun 2018, 15:19

Hi there,

the Reddit API uses OAuth and I use QOAuth2AuthorizationCodeFlow to handle the user authorization, which works very well.

However, I also want to implement userless OAuth, which is supported by Reddit to access the Reddit API read-only: https://github.com/reddit-archive/reddit/wiki/OAuth2#application-only-oauth

In this case, there is no authorization step, the app just immediately requests the OAuth access token, like so:

curl -H "Authorization: Basic $(echo -ne $REDDIT_CLIENT_ID | base64 --wrap 0)" -d 'device_id=DO_NOT_TRACK_THIS_DEVICE&grant_type=https://oauth.reddit.com/grants/installed_client' -X POST https://www.reddit.com/api/v1/access_token

Which will return a valid OAuth access token with read only scope.

Is this possible with the Qt authorization library?

Unfortunately the grant() method always tries to authorize with an user and the setStatus() method is private, so I cannot skip the authorization step.

Any idea how I can use the Qt OAuth libraries to retrieve this userless access token?

Any help is greatly appreciated :)

SGaist · wrote on 8 Jun 2018, 21:10

Hi,

What about subclassing QOAuth2AuthorizationCodeFlow and reimplement grant so that it does what you want ?

In any case, it looks like it could be a missing use case in the module. You should check the bug report system to see if there's anything related.