Feature Request: Consider adding support for the OAuth2 Device Authorization Flow

[MarkJaroski]

Is your feature request related to a problem? Please describe.

OAuth2 has a device authorization flow which could provide a smoother authentication method compared to the native application flow which the project uses at the moment.

Describe the solution you'd like

The user should be able to specify the device authorization flow as an option. In this flow the native application presents an 8 character code to the user, who then enters it online, which either authorizes the application against an existing session or authenticates the user.

Describe alternatives you've considered

Well, you could eventually pop up a browser window, but that would be a lot harder to achieve.

Additional context

No response

[kevinchristianson]

I'm trying to auth in ubuntu server and am struggling to complete the loop with no GUI. I second the request for an alternate device authorization flow.

[abraunegg]

@kevinchristianson

I'm trying to auth in ubuntu server and am struggling to complete the loop with no GUI.

FYI - you do not need a GUI to complete the auth process.

You can copy the auth URL to any system, do the auth there, then copy the URI back to the prompt.

[MarkJaroski]

FYI - you do not need a GUI to complete the auth process.

You can copy the auth URL to any system, do the auth there, then copy the URI back to the prompt.

I can absolutely verify this, and the nativeclient approach isn't a problem for me at all. I've even borrowed this technique - which I first learned about here - in a set of scripts that I wrote to demonstrate OAuth2 flows for my colleagues (and vendors !)

But the device flow is easier for people to understand, so it would be nice to have.

[kevinchristianson]

Sorry for not responding earlier--haven't had a chance to get back to this. I have tried copying the URL to another system and copying the response URL back but I'm still hitting 400s. Probably something on my end though if other users aren't hitting it.

[abraunegg]

@kevinchristianson
Ensure you are pasting back the FULL response URI back to the application. Also ensure your system running 'onedrive' can access the required URL that validates the URI.

You can also double check what is going when you paste the repsonse on by running the application with -v -v --debug-https at startup

[kevinchristianson]

I had some other issues with my server and ended up starting fresh on ubuntu desktop. I got things working using the web browser there without a hitch. Still not sure why it didn't work on ubuntu server, but I assume it was user error or something wrong on my end. Appreciate the help!

[phuzz]

Am I right in thinking that using the device authorization flow would mean not having to copy the URI back into the client? If so this would be really useful for me. I have a lot of...lets say 'untechnical'...users who struggle with the current re-authorisation process, and streamlining it in any way would be very helpful.