I’m developing a simple desktop application that I would like to distribute for others to download but I’ve hit a bit of roadblock with oAuth.
I’ve considered several approaches here that have problems:
- I cannot use a custom protocol in the redirect URI that the app can then capture because twitch only allows http.
- I cannot just set the redirect URI to localhost:port because if I were to distribute my application I would have no guarantee of the port the application was running on.
- I cannot use the OAuth2 Device Flow because twitch does not currently support it, or at least there is no documentation confirming support.
My question is, is there a secure way to authenticate using an OAuth2 flow without having to use a remote web server that provides an appropriate redirect URI? Seems like a lot of trouble for something quite trivial.
I’ve read elsewhere on the forum about a method of capturing the url in the browser and sending this your local client but I’m not really understanding it properly. Doesn’t the redirect uri parameter still need to be something valid regardless?
Would appreciate any advice.