-
Notifications
You must be signed in to change notification settings - Fork 465
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
🎫 [STAMPS] As a passport holder, I can add a Twitter stamp to my passport #28
Comments
Look into how Gitcoin Trust Bonus does this - if the "Tweet and check tweet" strategy is leaner, then consider it. |
Testing is blocked due to Twitter suspending our developer acct/app |
The twitter account is good to go again, we got caught up in an automated bulk banning system that caught us by mistake 😅 |
shavinac
added a commit
that referenced
this issue
May 12, 2022
- add procedures/twitterOauth.ts to handle server-side OAuth 2.0 flow - implement providers/twitter to verify a user's username given an oauth access code and session key we must implement OAuth flow server-side because Twitter API currently does not allow the bearer token request from a browser (CORS issue). this means the twitter stamp is a multi-step process: 1. app requests the authorization url from iam, prompts user to click through 2. when user clicks through to twitter, and approves the oauth request, twitter redirects user back to app 3. app collects access code and state (session key) from query parameters on the redirect 4. app passes in access code and session key with the actual verify request to iam. iam exchanges access code for an auth bearer token to verify user's twitter info, and verify flow proceeds as normal [#28]
for reference: why twitter oauth doesn't work in the browser: microsoft/reverse-proxy#1675 |
brentmartin
changed the title
As a passport holder, I can add a Twitter stamp to my passport
🎫 [STAMPS] As a passport holder, I can add a Twitter stamp to my passport
May 13, 2022
gdixon
pushed a commit
that referenced
this issue
May 16, 2022
- add procedures/twitterOauth.ts to handle server-side OAuth 2.0 flow - implement providers/twitter to verify a user's username given an oauth access code and session key we must implement OAuth flow server-side because Twitter API currently does not allow the bearer token request from a browser (CORS issue). this means the twitter stamp is a multi-step process: 1. app requests the authorization url from iam, prompts user to click through 2. when user clicks through to twitter, and approves the oauth request, twitter redirects user back to app 3. app collects access code and state (session key) from query parameters on the redirect 4. app passes in access code and session key with the actual verify request to iam. iam exchanges access code for an auth bearer token to verify user's twitter info, and verify flow proceeds as normal [#28]
shavinac
added a commit
that referenced
this issue
May 17, 2022
- add procedures/twitterOauth.ts to handle server-side OAuth 2.0 flow - implement providers/twitter to verify a user's username given an oauth access code and session key we must implement OAuth flow server-side because Twitter API currently does not allow the bearer token request from a browser (CORS issue). this means the twitter stamp is a multi-step process: 1. app requests the authorization url from iam, prompts user to click through 2. when user clicks through to twitter, and approves the oauth request, twitter redirects user back to app 3. app collects access code and state (session key) from query parameters on the redirect 4. app passes in access code and session key with the actual verify request to iam. iam exchanges access code for an auth bearer token to verify user's twitter info, and verify flow proceeds as normal [#28]
shavinac
added a commit
that referenced
this issue
May 17, 2022
App: - twitter oauth redirect appears as a popup - callback variables (passed as query params in redirect back from twitter) are passed between windows - updates other card tests to remove unnecessary test data IAM Server: - add procedures/twitterOauth.ts to handle server-side OAuth 2.0 flow - implement providers/twitter.ts to verify a user's username given an oauth access code and session key we must implement OAuth flow server-side because Twitter API currently does not allow the bearer token request from a browser (CORS issue). this means the twitter stamp is a multi-step process: 1. app requests the authorization url from iam, prompts user to click through 2. when user clicks through to twitter, and approves the oauth request, twitter redirects user back to app 3. app collects access code and state (session key) from query parameters on the redirect 4. app passes in access code and session key with the actual verify request to iam. iam exchanges access code for an auth bearer token to verify user's twitter info, and verify flow proceeds as normal [#28]
shavinac
added a commit
that referenced
this issue
May 17, 2022
App: - twitter oauth redirect appears as a popup - callback variables (passed as query params in redirect back from twitter) are passed between windows - updates other card tests to remove unnecessary test data IAM Server: - add procedures/twitterOauth.ts to handle server-side OAuth 2.0 flow - implement providers/twitter.ts to verify a user's username given an oauth access code and session key we must implement OAuth flow server-side because Twitter API currently does not allow the bearer token request from a browser (CORS issue). this means the twitter stamp is a multi-step process: 1. app requests the authorization url from iam, prompts user to click through 2. when user clicks through to twitter, and approves the oauth request, twitter redirects user back to app 3. app collects access code and state (session key) from query parameters on the redirect 4. app passes in access code and session key with the actual verify request to iam. iam exchanges access code for an auth bearer token to verify user's twitter info, and verify flow proceeds as normal [#28]
shavinac
added a commit
that referenced
this issue
May 18, 2022
App: - twitter oauth redirect appears as a popup - callback variables (passed as query params in redirect back from twitter) are passed between windows - updates other card tests to remove unnecessary test data IAM Server: - add procedures/twitterOauth.ts to handle server-side OAuth 2.0 flow - implement providers/twitter.ts to verify a user's username given an oauth access code and session key we must implement OAuth flow server-side because Twitter API currently does not allow the bearer token request from a browser (CORS issue). this means the twitter stamp is a multi-step process: 1. app requests the authorization url from iam, prompts user to click through 2. when user clicks through to twitter, and approves the oauth request, twitter redirects user back to app 3. app collects access code and state (session key) from query parameters on the redirect 4. app passes in access code and session key with the actual verify request to iam. iam exchanges access code for an auth bearer token to verify user's twitter info, and verify flow proceeds as normal [#28]
Repository owner
moved this from In Progress (WIP)
to Done (Needs Review)
in Passport
May 18, 2022
Closed by #87 |
0xflywill
pushed a commit
to 0xflywill/passport
that referenced
this issue
Sep 6, 2022
App: - twitter oauth redirect appears as a popup - callback variables (passed as query params in redirect back from twitter) are passed between windows - updates other card tests to remove unnecessary test data IAM Server: - add procedures/twitterOauth.ts to handle server-side OAuth 2.0 flow - implement providers/twitter.ts to verify a user's username given an oauth access code and session key we must implement OAuth flow server-side because Twitter API currently does not allow the bearer token request from a browser (CORS issue). this means the twitter stamp is a multi-step process: 1. app requests the authorization url from iam, prompts user to click through 2. when user clicks through to twitter, and approves the oauth request, twitter redirects user back to app 3. app collects access code and state (session key) from query parameters on the redirect 4. app passes in access code and session key with the actual verify request to iam. iam exchanges access code for an auth bearer token to verify user's twitter info, and verify flow proceeds as normal [passportxyz#28]
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
GIVEN that I am logged into my passport
WHEN I click the call to action on the Twitter stamp
THEN I see a message that ask me to sign in through OAuth
AND WHEN I have successfully sign in through OAuth
THEN my Twitter stamp shows that I am verified
Notes
Story Points
2
The text was updated successfully, but these errors were encountered: