mastodon-userstats/AuthNotes.md

References related to Authentication

With Svelte + SQLite:
https://medium.com/@mateuszpiorowski/oauth2-is-so-complicated-or-90-lines-of-code-with-svelte-ab0f5d80d659

With Auth.js + Node.js + Mastodon!:
https://medium.com/@jibla/auth-js-exploration-1b6c27cf076f
code: https://github.com/jibla/authjs-node-example

## Example Auth Flow for Mastodon:
ref: https://docs.joinmastodon.org/client/token/#app

### Step 1 - Get Client info

sent:
```
curl -X POST \
  -F 'client_name=Mastodon Map' \
  -F 'redirect_uris=urn:ietf:wg:oauth:2.0:oob' \
  -F 'scopes=read write push' \
  -F 'website=https://mastomap.magnificent.nz' \
  https://mastodon.nzoss.nz/api/v1/apps`
```

response (json):
```
{
  "id":"6929",
  "name":"Mastodon Map",
  "website":"https://mastomap.magnificent.nz",
  "redirect_uri":"urn:ietf:wg:oauth:2.0:oob",
  "client_id":"RzTkGQY5MXuvRpMjhG6QuW3NADRjTn14e_JqywgX0IA",
  "client_secret":"Sm6hUzIyvnAjYh6j1vXITJqObqCCwK-es33PAoRuhmI",
  "vapid_key":"BDyHmBqMmcoCZQPQoSBAlRG06AuOMsJ64hQyTLUxoB8gP-uaACHJyAGRBj0JjtMtbl7WuQxRNuHh2fFQqSfmQMs="
}
```
### Step 2 - Get Auth Token

sent:
```
curl -X POST \
  -F 'client_id=RzTkGQY5MXuvRpMjhG6QuW3NADRjTn14e_JqywgX0IA' \
  -F 'client_secret=Sm6hUzIyvnAjYh6j1vXITJqObqCCwK-es33PAoRuhmI' \
  -F 'redirect_uri=urn:ietf:wg:oauth:2.0:oob' \
  -F 'grant_type=client_credentials' \
  https://mastodon.nzoss.nz/oauth/token
```

response (json):
```
{
  "access_token":"l3rutZOWZ_LTkku-kjdeZ6F2tv7mucBid5AIgpLEjbg",
  "token_type":"Bearer",
  "scope":"read",
  "created_at":1702891488
}
```

### Step 3 - Verify Auth Token

sent:
```
curl \
  -H 'Authorization: Bearer l3rutZOWZ_LTkku-kjdeZ6F2tv7mucBid5AIgpLEjbg' \
  https://mastodon.nzoss.nz/api/v1/apps/verify_credentials
```

response (json):
```
{
  "name":"Mastodon Map",
  "website":"https://mastomap.magnificent.nz",
  "vapid_key":"BDyHmBqMmcoCZQPQoSBAlRG06AuOMsJ64hQyTLUxoB8gP-uaACHJyAGRBj0JjtMtbl7WuQxRNuHh2fFQqSfmQMs="
}
```

### Step 4 - actual request (for user 1, i.e. lightweight):

sent:
```
curl \
  -H 'Authorization: Bearer l3rutZOWZ_LTkku-kjdeZ6F2tv7mucBid5AIgpLEjbg' \
  https://mastodon.nzoss.nz/api/v1/accounts/1/followers?limit=6 | jq > MastoFollowers.json
```

and see MastoFollowers.json for the first 6 results (see limit=6 above).
more research on Auth stuff, examples of getting Auth token from Mastodon 2023-12-18 22:59:38 +13:00			`References related to Authentication`

			`With Svelte + SQLite:`
			`https://medium.com/@mateuszpiorowski/oauth2-is-so-complicated-or-90-lines-of-code-with-svelte-ab0f5d80d659`

			`With Auth.js + Node.js + Mastodon!:`
			`https://medium.com/@jibla/auth-js-exploration-1b6c27cf076f`
			`code: https://github.com/jibla/authjs-node-example`

			`## Example Auth Flow for Mastodon:`
			`ref: https://docs.joinmastodon.org/client/token/#app`

			`### Step 1 - Get Client info`

moved RoadMap to RoadMap.md and improved Auth example formatting 2023-12-18 23:04:05 +13:00			`sent:`
			```
			`curl -X POST \`
			`-F 'client_name=Mastodon Map' \`
			`-F 'redirect_uris=urn:ietf:wg:oauth:2.0:oob' \`
			`-F 'scopes=read write push' \`
			`-F 'website=https://mastomap.magnificent.nz' \`
			https://mastodon.nzoss.nz/api/v1/apps`
			```
more research on Auth stuff, examples of getting Auth token from Mastodon 2023-12-18 22:59:38 +13:00
			`response (json):`
			```
			`{`
			`"id":"6929",`
			`"name":"Mastodon Map",`
			`"website":"https://mastomap.magnificent.nz",`
			`"redirect_uri":"urn:ietf:wg:oauth:2.0:oob",`
			`"client_id":"RzTkGQY5MXuvRpMjhG6QuW3NADRjTn14e_JqywgX0IA",`
			`"client_secret":"Sm6hUzIyvnAjYh6j1vXITJqObqCCwK-es33PAoRuhmI",`
			`"vapid_key":"BDyHmBqMmcoCZQPQoSBAlRG06AuOMsJ64hQyTLUxoB8gP-uaACHJyAGRBj0JjtMtbl7WuQxRNuHh2fFQqSfmQMs="`
			`}`
			```
			`### Step 2 - Get Auth Token`

			`sent:`
			```
			`curl -X POST \`
			`-F 'client_id=RzTkGQY5MXuvRpMjhG6QuW3NADRjTn14e_JqywgX0IA' \`
			`-F 'client_secret=Sm6hUzIyvnAjYh6j1vXITJqObqCCwK-es33PAoRuhmI' \`
			`-F 'redirect_uri=urn:ietf:wg:oauth:2.0:oob' \`
			`-F 'grant_type=client_credentials' \`
			`https://mastodon.nzoss.nz/oauth/token`
			```

			`response (json):`
			```
			`{`
			`"access_token":"l3rutZOWZ_LTkku-kjdeZ6F2tv7mucBid5AIgpLEjbg",`
			`"token_type":"Bearer",`
			`"scope":"read",`
			`"created_at":1702891488`
			`}`
			```

moved RoadMap to RoadMap.md and improved Auth example formatting 2023-12-18 23:04:05 +13:00			`### Step 3 - Verify Auth Token`
more research on Auth stuff, examples of getting Auth token from Mastodon 2023-12-18 22:59:38 +13:00
			`sent:`
			```
			`curl \`
			`-H 'Authorization: Bearer l3rutZOWZ_LTkku-kjdeZ6F2tv7mucBid5AIgpLEjbg' \`
			`https://mastodon.nzoss.nz/api/v1/apps/verify_credentials`
			```

			`response (json):`
			```
			`{`
			`"name":"Mastodon Map",`
			`"website":"https://mastomap.magnificent.nz",`
			`"vapid_key":"BDyHmBqMmcoCZQPQoSBAlRG06AuOMsJ64hQyTLUxoB8gP-uaACHJyAGRBj0JjtMtbl7WuQxRNuHh2fFQqSfmQMs="`
			`}`
			```

			`### Step 4 - actual request (for user 1, i.e. lightweight):`

			`sent:`
			```
			`curl \`
			`-H 'Authorization: Bearer l3rutZOWZ_LTkku-kjdeZ6F2tv7mucBid5AIgpLEjbg' \`
			`https://mastodon.nzoss.nz/api/v1/accounts/1/followers?limit=6 \| jq > MastoFollowers.json`
			```

			`and see MastoFollowers.json for the first 6 results (see limit=6 above).`