Building a new OAuth2 authenticator for Onshape


#1

I would like to build an authenticator that works with Onshape. However, Onshape only allows the token request to be sent with a url encoded POST body, whereas it seems that the generic oauthenticator implementation sends the token request in a JSON body. Does the generic implementation support url encoded requests and I’m just missing it? Clarification on the oauth flow can be found here: https://dev-portal.onshape.com/help


#2

This is definitely a case that generic oauthenticator is meant to cover. GenericOAuthenticator sends the token request as a url-encoded body of a POST. It then follows up this request with a GET using the token to identify the user.

Unfortunately, I can’t read that onshape doc without creating an onshape account, so I’m not sure how exactly their request flow works.

GenericOAuthenticator does:

  • redirect to oauth provider
  • provider redirects back to callback_url with code in url params
  • POST to provider token_url with code in POST body params and Accept: application/json
  • parse result as JSON, extracting access_token field
  • GET request to userdata_url to retrieve the user model with the access token in Authorization: Bearer <token> header
  • get username from JSON reply in the field username_key