Expand description
Contains all functionality for OAuth and logins
Authorization
Authorization for a Reddit client is done by OAuth, which can be done multiple (3) ways. The possible methods of authorization are Script, Installed App, and Web App. Currently, only the first two are supported by orca. There are certain use cases for each app type.
Scripts
Script apps are used when you only want to authorize one user, that you own. This is the app
type used for bots. It’s special because it can keep a secret (secrets can be stored on the
with the client). To create a script app, you first have to register it at
https://www.reddit.com/prefs/apps. Make sure you’re logged
in as the user you want the script to authorize as when you register the app. At the bottom of
the page, click “Create New App”, and fill in the name, select script type, enter a short
description (that will only be seen by you), leave the about url empty, and set the redirect uri
to https://www.example.com. (We do this because this field is only necessary for installed
apps but is required to be filled in anyway.)
Once you create the app, a box should pop up that has the name of your app, and then shortly below it a string of random characters. This is the id of the script. Then lower in the properties there should be a field called “secret” with another long string of characters. That is your app’s secret.
Once you have the id and secret, you can instantiate an OAuthApp::Script enum with the id and
secret of the script and the username and password of the user that registered the app, and
pass it into the authorize function of an App instance.
Installed Apps
Installed apps are used when you want your program to be able to be authorized as any user that is using it. They are unable to keep a secret, so it is more complicated to authorize them. An installed app has no secret id. Instead, it requires that the user visits a url to reddit.com containing info for authorization. After authorizing, reddit.com will redirect the web browser to the redirect uri specified during the app registration, with the tokens requested as parameters. The redirect uri is usually the loopback address with a custom port, and the app starts an HTTP server to recieve that request and the tokens included.
Most of this work is implemented for you by orca. At the moment, there is some lacking in
customizability, but that will hopefully change in the future. Currently, orca opens the
reddit.com in the default browser using the open crate, and the redirect uri must always be
127.0.0.1:7878.
To create an installed app, the process at first is similar to Script app types. Visit
https://www.reddit.com/prefs/apps, and create a new app,
this time with the installed type. Fill in the name, set it to installed app, fill in a short
description (this time it’s visible by anyone using your app), enter an about url if you want,
and set the redirect uri to exactly http://127.0.0.1:7878 (hopefully this will be customizable
in the future).
When you create this app, the id of the app will be shorly below the name in the box that comes
upp. Now in you application code, create an OAuthApp::InstalledApp with the id of you app and
the redirect uri exactly as you entered it when you registered the app. When you call the
authorize function with this as a parameter, it will open a web browser with either a reddit
login prompt, or if you are already logged in, a request for permission for your app. Once you
click allow, the page should redirect to a simple display of the words Authorization successful.
Hopefully this too will be customizable one day.
Installed apps, unlike scripts, require periodic reauthorization, or will expire without the
possibility of refreshing if a permanent duration wasn’t requested. This should be done
automatically by the net::Connection instance.