req_oauth_device: OAuth with device flow

In r-lib/httr2: Perform HTTP Requests and Process the Responses

OAuth with device flow

Description

Authenticate using the OAuth device flow, as defined by RFC 8628. It's designed for devices that don't have access to a web browser (if you've ever authenticated an app on your TV, this is probably the flow you've used), but it also works well from within R.

Learn more about the overall OAuth authentication flow in https://httr2.r-lib.org/articles/oauth.html.

Usage

req_oauth_device(
  req,
  client,
  auth_url,
  scope = NULL,
  auth_params = list(),
  token_params = list(),
  cache_disk = FALSE,
  cache_key = NULL
)

oauth_flow_device(
  client,
  auth_url,
  pkce = FALSE,
  scope = NULL,
  auth_params = list(),
  token_params = list()
)

Arguments

req	A httr2 request object.
client	An oauth_client().
auth_url	Authorization url; you'll need to discover this by reading the documentation.
scope	Scopes to be requested from the resource owner.
auth_params	A list containing additional parameters passed to oauth_flow_auth_code_url().
token_params	List containing additional parameters passed to the token_url.
cache_disk	Should the access token be cached on disk? This reduces the number of times that you need to re-authenticate at the cost of storing access credentials on disk. Learn more in https://httr2.r-lib.org/articles/oauth.html.
cache_key	If you want to cache multiple tokens per app, use this key to disambiguate them.
pkce	Use "Proof Key for Code Exchange"? This adds an extra layer of security and should always be used if supported by the server.

Value

req_oauth_device() returns a modified HTTP request that will use OAuth; oauth_flow_device() returns an oauth_token.

Examples

req_auth_github <- function(req) {
  req_oauth_device(
    req,
    client = example_github_client(),
    auth_url = "https://github.com/login/device/code"
  )
}

request("https://api.github.com/user") |>
  req_auth_github()

r-lib/httr2 documentation built on Jan. 11, 2025, 10:21 a.m.