[feature] Support for oauth redirect_uri urn:ietf:wg:oauth:2.0:oob

[tsmethurst]

This is the mechanism Mastodon uses to allow users to request tokens to pass to external apps and bots that can't go through the normal browser webflow.

The oauth library we're using in GoToSocial doesn't yet support this, so we need to look into hacking around it.

[ffuentese]

When I try to get connected from a browser on a computer using Chromium or Firefox that url isn't understood and clients like toot can't get authorized.

[xxxserxxx]

Is there a work-around for this? The README implies compatability; can anyone use any Mastodon client with GoToSocial without this?

[tsmethurst]

can anyone use any Mastodon client with GoToSocial without this?

Yes, clients that don't use oob tokens still work fine (pinafore, tusky, etc), with no additional steps or workaround required.

If you need the token separately, the workaround is currently to log in with something like pinafore and check your network requests for the Authorization: Bearer [token] header. It's not ideal but it works until we get this properly implemented :)

[xxxserxxx]

I'd been using Fedilab (Android) with a mastodon.social account. It does connect and authenticate to gotosocial; I was able to change my avatar through the app as well. Any other changes (unlocking the account, setting posts to public, making the account findable) all resulted in an error on the server:

timestamp="04/10/2022 01:55:07.959" func=router.loggingMiddleware.func1 level=INFO latency=1.132434ms clientIP=10.0.2.100 userAgent=okhttp/3.14.9 method=PATCH status
Code=400 path=/api/v1/accounts/update_credentials msg="Bad Request: wrote 160B"

I did a quick search in the issues and didn't find a match, so I'm still not sure if this is just a weird interaction between Fedilab and gotosocial, or something else.

The issue is that's 2-for-2 of the clients I use that don't work with gotosocial and I'm not sure where to go from here.

[tsmethurst]

Bad request, hmm.... Will have to debug this one.

For clients, there are still plenty that work, but I can understand it's a bit frustrating when your fave clients don't. Did you try the latest version of Fedilab? See #521 (comment)

If it still doesn't work, I'll open an issue to investigate fedilab incompatibility :)

[xxxserxxx]

Hm. The last post on that ticket mentions Fedilab 3.0.10 working; I'm running Fedilab 3.3.0, so maybe there's been a regression.

I'll change the log level on gotosocial and open a (different) ticket with more information.

UPDATE #895

[xxxserxxx]

I've confirmed that #889 works with tut and gomphotherium. Thank you!