Options to return authServer URL when using API

Currently, when creating or updating a remote through the RC API ("config/create") non-interactively, the only options for authorization are rclone starting a web server locally (authServer) and automatically opening a web browser with the local auth URL while rclone waits (and does not send a response to the API call until auth is completed), or prompting the user to run 'rclone authorize' on another machine, depending on whether the boolean parameter "config_is_local" is set to true or false.

The problem with the former is that there is no way to get the auth url from the 'client' in case a web browser cannot be automatically opened on the 'server'. My use case is an iOS app, and to be able to successfully authorize remotes I absolutely need to be able to obtain the auth URL (or authstate) via the API so that the local authorization page can be presented in a WKWebView within the app.

Optimally, the existing behavior of the initial config/create call waiting for authentication and not returning anything would remain as is (makes it easy to detect completion in the front-end), while adding options to return the url or cancel the authentication via separate api calls. Actually, those do not even have to be added to the RC api, they could be done through the authServer itself.
Alternatively, config/create could have an extra option (eg "noBrowser") which, instead of trying to open the auth URL when config_is_local=true and authorization is needed, would return the url/authstate, and keep the authorize server open until either canceled by some specific subsequent API call or the authorization was completed.

I temporary solved this in my fork by exporting the auth state variable and making the auth server respond to auth.Code == "cancel" by shutting down the server (that is in case the user wants to cancel authentication in the GUI) in oauthutil.go. However that is probably not the best option (certainly not the auth state part) and I would prefer if I did not have to rely on a fork just for minor fixes like this.

This deficiency has been noted before by the author of rcx.

Rclone prints the URL which is how RCX gets it which isn't ideal.

Ideally this should be part of the config state machine, so rclone should return the URL and leave the auth server running. I think this would be a relatively small patch and I think would satisfy your needs.

Some extra parameter to specify that would be fine - your suggestion of noBrowser could work.

I'd be happy to work with you to get something like that merged. Do you want to make a PR with that idea in it?

I don’t think capturing or redirecting stdout is possible on iOS, so printing the url doesn’t help.
A noBrowser parameter should work, I will go ahead and implement that and submit a PR later.

I figured I can work around the canceling issue by just sending a blank response from the client and ignoring the error, so that part won’t be necessary.
The other iOS-specific issue is that the gopsutil package used in osversion.go doesn't work (it considers it the same as macOS, and uses the incompatible 'm1cpu' package), but I will try to get the broken package fixed first. If unsuccessful I'll make another PR to use an alternative when building for iOS only.


That would be great :slight_smile:

I don't think we are building rclone (or librclone) for IOS in the CI - maybe you'd like to contribute a build for that? Then we can be sure rclone does build for IOS. We have a similar build for android.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.