Authenticate using the OAuth device flow, as defined by RFC 8628. It's designed for devices that don't have access to a web browser (if you've ever authenticated an app on your TV, this is probably the flow you've used), but it also works well from within R.
Learn more about the overall OAuth authentication flow in https://httr2.r-lib.org/articles/oauth.html.
Arguments
- req
A httr2 request object.
- client
An
oauth_client().- auth_url
Authorization url; you'll need to discover this by reading the documentation.
- scope
Scopes to be requested from the resource owner.
- auth_params
A list containing additional parameters passed to
oauth_flow_auth_code_url().- token_params
List containing additional parameters passed to the
token_url.- cache_disk
Should the access token be cached on disk? This reduces the number of times that you need to re-authenticate at the cost of storing access credentials on disk.
Learn more in https://httr2.r-lib.org/articles/oauth.html.
- cache_key
If you want to cache multiple tokens per app, use this key to disambiguate them.
- pkce
Use "Proof Key for Code Exchange"? This adds an extra layer of security and should always be used if supported by the server.
Value
req_oauth_device() returns a modified HTTP request that will
use OAuth; oauth_flow_device() returns an oauth_token.
Examples
req_auth_github <- function(req) {
req_oauth_device(
req,
client = example_github_client(),
auth_url = "https://github.com/login/device/code"
)
}
request("https://api.github.com/user") |>
req_auth_github()
#> <httr2_request>
#> GET https://api.github.com/user
#> Body: empty
#> Policies:
#> • auth_sign: a list
#> • auth_oauth: TRUE