Updated by Eric Schubert over 1 year ago
**As** an admin of an OpenProject installation
**I want to** easily set up an OAuth app for mobile apps
**so that** my users don't have to enter a client ID when setting up their mobile app.
**Acceptance criteria**
* Seed OAuth application for the use of mobile apps
* Seeding will also be run for existing installations
* Register non-confidential app (that means there is no secret) with predefined Application ID: `openprojectmobileapp`
* Allowed redirect URI: `openprojectmobileapp://oauth-callback`
* OAuth Application name: OpenProject Mobile App
* Mark the seeded OAuth application as builtin, preventing its deletion or editing
* Allow enabling/disabling of the built-in OAuth application.
* Enforce PKCE (https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md). Don't allow changing that value.
* OAuth applications are split into two lists: **Built-in OAuth applications** and **Other OAuth applications**
* When clicking on the name of an OAuth application, the (read-only) details view opens.
* OAuth table is a Primer border box
* All clickable elements inside the box have the link color (ref #57649)
**Out of scope:**
* Primerization of **OAuth application** details page
### QA
* The whole feature is currently behind the feature flag "Built in Oauth Applications"; if it is not activated, switch it on at `/admin/settings/experimental`.
* If the feature flag is taken off before release, disregard that.
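
The acceptance criteria for the built-in mobile client (no secret, one fixed redirect URI, can be disabled, PKCE enforced) expressed as server-side checks. This is an added example, not OpenProject or Doorkeeper code; the hash fields, function names and error symbols are hypothetical, and accepting only the `S256` challenge method is an assumption (the ticket only says PKCE is enforced).

```ruby
require "digest"

# Constructed stand-in for the seeded record; field names are hypothetical,
# the values come from the acceptance criteria above.
BUILTIN_APP = {
  uid: "openprojectmobileapp",
  redirect_uri: "openprojectmobileapp://oauth-callback",
  confidential: false,
  enabled: true
}.freeze

# RFC 7636 S256: unpadded base64url of SHA-256(code_verifier).
def s256_challenge(verifier)
  [Digest::SHA256.digest(verifier)].pack("m0").tr("+/", "-_").delete("=")
end

# Length check first, then a comparison that does not stop at the first mismatch.
def same_bytes?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Authorization step: returns [:ok, grant] or [:error, reason].
def authorize(app, params)
  return [:error, :unknown_client] unless params[:client_id] == app[:uid]
  return [:error, :application_disabled] unless app[:enabled]
  # Exact string match only; no prefix or pattern matching on the redirect URI.
  return [:error, :invalid_redirect_uri] unless params[:redirect_uri] == app[:redirect_uri]
  unless app[:confidential] # public client: the client ID alone proves nothing
    return [:error, :pkce_required] if params[:code_challenge].to_s.empty?
    return [:error, :pkce_s256_required] unless params[:code_challenge_method] == "S256"
  end
  [:ok, { client_id: app[:uid], code_challenge: params[:code_challenge] }]
end

# Token step: the code is redeemed only with the verifier behind the stored challenge.
def redeem(grant, code_verifier)
  # RFC 7636 verifier: 43 to 128 characters from the unreserved set.
  return [:error, :invalid_grant] unless code_verifier.to_s.match?(/\A[A-Za-z0-9\-._~]{43,128}\z/)
  same_bytes?(s256_challenge(code_verifier), grant[:code_challenge]) ? [:ok, :token_issued] : [:error, :invalid_grant]
end

if __FILE__ == $PROGRAM_NAME
  verifier = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk" # sample from RFC 7636 Appendix B
  request = { client_id: "openprojectmobileapp", redirect_uri: BUILTIN_APP[:redirect_uri],
              code_challenge: s256_challenge(verifier), code_challenge_method: "S256" }
  _, grant = authorize(BUILTIN_APP, request)
  p redeem(grant, verifier)   # app that started the flow
  p redeem(grant, "A" * 43)   # another app that captured the code via the URI scheme
  p authorize(BUILTIN_APP, request.merge(code_challenge: nil))
end
```

Because the client ID is predefined and identical on every installation, the verifier check in `redeem` is the only thing that ties a code to the app instance that requested it.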