Points 1-4 is already programmed.
Point 3 is done a bit differently where it’s not on the Boruta client but as the old system on the Application.
Point 4 is not fully tested as I have nuked my database but should work as I based it of the old code and added in Boruta authentication methods.
All of these are available on Glimesh/glimesh.tv at oauth2_lib_removal (github.com)
Hello folks! We’re migrating our API over to using a new internal provider for our OAuth 2.0 requests.
There should be no change required on your end to continue accessing the API. To see if you need to make any changes, we’ve identified some key changes below you should be aware of.
(ordered by potentially required impact)
Access & Refresh Token Length Changes
Previously the access & refresh tokens were alpha numeric based lowercase values 64 characters in length. Newly issued access & refresh tokens will still be alpha numeric based but now mixed with uppercase values and up to 255 characters in length.
Old Token: b765e84e8699e797c7a0b5ceb170cfb3af490da5218207f79f4c59e346c659ec
New Token: RO8mcRW74RSAyUr91y4GXYAqkx1AX4Bz28Y2D0zPw6r0DkVoi1Nc6PjBgaMZem6JmeEeKVCx3pLEkqj7BA2xjf
New Client ID’s are now UUID-based
Previously the Client ID’s where alpha numeric based lowercase values 64 characters in length. The new Client IDs are UUID’s instead. We generated a new Client ID for each application, but have implemented backwards compatibility for your old Client ID. You can visit your applications page to find out your new Client ID.
Old Client ID: 692f5f308a0984ea31597764dcabade6a82350b746162339c2c8f0110d083983
New Client ID: 01c12535-e124-4f4a-9c3d-e780a73cf2a1
Client Secret Length Changes
Previously the Client Secret’s where alpha numeric based lowercase values 64 characters in length. Newly generated Client Secret’s are still alpha numeric based but now mixed with uppercase values and up to 255 characters in length.
Old Client Secret: c1a380075e3a75014a20075eda0352b3cdf5142d4a0c35dd7e66ba78e4f79be2
New Client Secret: ahGUJIyuk8KnRKmYXNDVONInw7OTexhtTaJWJDxdv8UCECB8e3OoaCGIwdjscPJZnxIqLP2CT20C0ToxZ2SQ7V
If you want to future proof your app now, we recommend rotating your keys in your applications page. This will generate your a new secret to add to your app. You can use your newly generated UUID based Client ID as well. There is no need to refresh any of your tokens outside of their normal cycle, as they will be automatically refreshed into the new format as they expire.