# ktor
g
Hi @Deactivated User, I found it quite hard to understand how to use the OAuth feature and its magic. I finally did my own implementation that made me understand all interactions. I think that, in the oauth guide, having a sequence diagram that shows the different requests between the browser, ktor and the oauth provider would help.
For me the magic is on the (4) `/login` call. Your example has this code:
```kotlin
authenticate("google-oauth") {
    route("/login") {
        handle {
            val principal = call.authentication.principal<OAuthAccessTokenResponse.OAuth2>()
                ?: error("No principal")
            // ... (the quoted excerpt ends here)
        }
    }
}
```
It's difficult to understand what is happening by reading the code:

1. `/login` is called by a redirect from the OAuth provider after the user validation on the provider website (4),
2. but handled on our behalf by ktor authentication, to retrieve the token (4.1),
3. before giving us the possibility of making a call to the provider (4.2).