add oauth path accessible to lti logins for getting/updating oauth tokens about commit HOT 6 OPEN

once update is complete, then allow the user to continue on... save original lti target in session

from commit.

need to add new controller and new security config for this auth path?

from commit.

iframe pop up in bootstrap modal:

$('#myModal').modal({backdrop: 'static', keyboard: false})

https://stackoverflow.com/questions/22207377/disable-click-outside-of-bootstrap-modal-area-to-close-modal

iframe won't work for the auth, but having the modal contain a button that opens a new window should... the redirect will verify the token received then say "close this window". Everything could be handled with a new controller requiring oauth login that saves and verifies the tokens received.

window.postMessage() should allow signaling back to the lti window that a token has been received. https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage

from commit.

https://tools.ietf.org/id/draft-ideskog-assisted-token-00.html#assisted-token-request

won't work. instead: https://www.kmaschta.me/blog/2017/03/04/github-oauth-authentication-without-server/

from commit.

Need to refactor all oauth and user entities... having multiple paths doesn't seem to be possible/easy.

Two types of users... web/lti both link to a third entity, the github user

web users are created via web sign up, are owners of the courses, need to be enabled

lti users are created when they arrive via lti. if they have instructor role, treat as owners of the course. if they have a learner role, create an lti user if necessary, add to session, and then proceed to oauth if necessary

Both paths require logging on via github before continuing. Logging on via github links the user with a github account. The github accounts are stored separately, multiple user (1 web and n lti) can be attached to the github account.

from commit.

https://www.callicoder.com/spring-boot-security-oauth2-social-login-part-2/

CustomOAuth2UserService

from commit.