[Feature request] Implement automatic token refresh with Authorization code grant flow #419
Comments
|
Hi there, while this isn't feasible in the current release cycle (2.x), this has already been implemented in the next release cycle (3.0). Id suggest reading the token doc for 3.0 and/or trying the library (note that it is quite barebones at this point in time, and only really suitable for test code). Please do comment on ideas/requests for this, based on the docs and test branch! |
|
Oh right! I'll check it out! :)
…On Mon, Aug 21, 2023 at 8:00 PM Tom ***@***.***> wrote:
Hi there, while this isn't feasible in the current release cycle (2.x),
this has already been implemented in the next release cycle (3.0). Id
suggest reading the token doc for 3.0
<https://twitchio.dev/en/3.0/tokens.html> and/or trying the library (note
that it is quite barebones at this point in time, and only really suitable
for test code). Please do comment on ideas/requests for this, based on the
docs and test branch!
—
Reply to this email directly, view it on GitHub
<#419 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AMCBEFPWDGCAZJR37RUEMJ3XWPSBZANCNFSM6AAAAAA3YX7MNY>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, seems the only credential refresh function this library has is for client credentials(ref 1, ref 2).
I propose an implementation where the library is able to use a user-supplied grant code or refresh token(along with the client id and client secret) to generate a new access token when it becomes invalid or if it is not supplied to begin with.
The motivation is that it'll make the maintenance of a simple chatbot made with the Command Extension(say, by following library example) much simpler. Currently, if a person wants to set up that example, they have to choose between making their own implementation of Authorization code grant flow, or opening a web browser and using Implicit grant flow every time they notice their access token has expired.
With Authorization code grant flow implemented, user interaction will only be required when the user changes their password or if they disconnect the app. ref 3 (or maybe when twitch decides to rotate the keys, for some reason). The server could be left unattended for longer periods of time.
Once this is implemented, it should be easy to update the PubSub hook for when the tokens are expired.
The text was updated successfully, but these errors were encountered: