https://github.com/mitodl/refresh_token

https://github.com/mitodl/refresh_token

Last synced: about 2 months ago
JSON representation

• Host: GitHub
• URL: https://github.com/mitodl/refresh_token
• Owner: mitodl
• License: bsd-3-clause
• Created: 2017-06-21T20:49:33.000Z (almost 8 years ago)
• Default Branch: master
• Last Pushed: 2023-10-20T13:38:11.000Z (over 1 year ago)
• Last Synced: 2025-02-17T20:51:21.452Z (3 months ago)
• Language: Python
• Size: 8.79 KB
• Stars: 0
• Watchers: 21
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# refresh_token

Plugin for reddit to generate OAuth refresh tokens for a particular user given a username.

If the user does not exist a new user is created. Essentially this lets anonymous users log in as anyone they want,

with no scope limitations.

**Warning**: This plugin opens a giant security hole. Please do not use it unless you know what you are doing.

## Installation

TBD

## Usage

The plugin exposes an endpoint at `/api/v1/generate_refresh_token?username=`. It returns a JSON dict like this:

    {

        "access_token": "52-pq61YqdqakZaKbYwl8TsADma2HU",

        "expires_in": 3600,

        "token_type": "bearer",

        "scope": "*",

        "refresh_token": "52-3S5VMvq39W4qrueZbl_yCpMzqWg",

        "device_id": "device"

    }

Each time the endpoint is accessed it will create a new refresh token and a new access token.