Displaying all 4 messages
Michael Berkovich
7/28/2011 at 11:47
Please use this section to discuss any issues related to the Oauth 2 spec and how Geni implements it.
Private User
7/30/2011 at 0:42
I noticed in https://github.com/geni/geni-ios-sdk/blob/master/src/Geni.m that there is an undocumented method for getting an accesstoken directly by using grant_type:password which would be perfect for desktop applications since it does not require involving a browser or setting up your own mini-server which I am using now to connect.

I made a quick test, but got a 403 Forbidden errorcode with the message Client not authorized for grant_type=password

What is the criteria to get such access?
Michael Berkovich
8/2/2011 at 12:50
Here is the documentation for the Trusted Application Flow:

http://www.geni.com/platform/developer/help/oauth_trusted_client?version=1

This flow can only be used if your application has a trust relationship with the user and no other flow can work for your application. For example, you can use this flow if you have a highly privileged desktop application and user wants to give your application explicit access to all user data by providing you with user login and password. This flow is not enabled by default. If you want to use this flow, please email us and after we review your request we will make a decision on granting you the flow access.

There is an alternative option for desktop applications that does not require you to run a server in your desktop app. For example, you can use this approach:

http://www.geni.com/platform/developer/help/oauth_desktop?version=1

Notice that we will redirect to our internal web page. So all you have to do is to capture the redirect and get the access token from the URL.

Private User
9/21/2011 at 4:21
Just tested using the oauth_desktop method, - works fine, except a minor thing:
* Canceling the request redirects to platform/oauth/auth_success instead of platform/oauth/auth_failed which the documentation states. The parameters are however enough to detect the result.
app016