Hoppscotch Desktop for self-hosting #4028
Replies: 2 comments
-
Hi, So I downloaded the desktop app but If you don't mind can you tell me how & where do I need to copy these function to make oauth flow work correctly. I have my BE server in Local & Azure App Service. But I'm getting trouble Auth via Oauth2 Authorization Code Flow using Azure. |
Beta Was this translation helpful? Give feedback.
-
If you're exploring self-hosting options for Hoppscotch Desktop, Hosting Mastery Hub offers a range of possibilities. By hosting Hoppscotch Desktop yourself, you gain greater control and customization over the environment. Here's how you can set it up:
By self-hosting Hoppscotch Desktop through Hosting Mastery Hub, you can leverage their infrastructure and support while retaining control over your hosting environment. This allows you to tailor the setup to your specific needs and preferences, ensuring an optimal experience for managing and testing APIs. |
Beta Was this translation helpful? Give feedback.
-
Hi all!
I understand that Hoppscotch Desktop is concentrating on stability and will care for self-hosting later.
I nevertheless really love the desktop app - and wanted to have the self-hosting figured out.
So - I took a look. In my case the SSO with Azure was in focus.
My goal:
Actually not much was missing for this. I would like to share my thoughts about this:
The user journey
user clicks on login
popup opens with configured SSO providers.
This did not work as the platform function getAllowedAuthProviders was not implemented.
I just copied over the function from selfhosted-web. That worked nicely.
hoppscotch/packages/hoppscotch-selfhost-web/src/platform/auth/auth.api.ts
Line 17 in eecc3db
After clicking on SSO (in my case Azure), the tauri app calls backend with /auth/microsoft?redirect_uri=desktop
hoppscotch/packages/hoppscotch-selfhost-desktop/src/platform/auth.ts
Line 44 in eecc3db
This at the end opens up the default browser (authorization code flow) and logs in the user. The provided redirect URI in this case is MICROSOFT_CALLBACK_URL="http://localhost:3170/v1/auth/microsoft/callback"
After successful user login, microsoft redirect to the above URL with the auth code. This is processed here:
hoppscotch/packages/hoppscotch-backend/src/auth/auth.controller.ts
Line 163 in eecc3db
here the trouble started, because the the implementation after retrieving all tokens and setting cookies just call this custom uri: REDIRECT_URL="hoppscotch://localhost" which opens up the hoppscotch up again. In a web scenario this would be nice as the cookies would be also transported. In a custom schema scenario as with tauri - obviously not. So I decided to place the cookie parameters just as query parameters like this:
hoppscotch/packages/hoppscotch-selfhost-desktop/src/platform/auth.ts
Line 264 in eecc3db
The corresponding new server parts looks like this:
That it!
Works like a charme even with refreshing.
I actually think that this cookie auth stuff here is not very nice.
I am thinking about replacing all this with a normal Authorization JWT Bearer in the Headers.
This would make thinks here more straightful.
Leave me your thoughts about this!
Beta Was this translation helpful? Give feedback.
All reactions