duplicity-team team mailing list archive

Thread
Date

Re: [Merge] lp:~breunigs/duplicity/amazondrive into lp:duplicity

To: mp+309084@xxxxxxxxxxxxxxxxxx
From: Stefan Breunig <stefan-launchpad@xxxxxxxxxxx>
Date: Mon, 24 Oct 2016 16:58:50 -0000
In-reply-to: <20161022082324.25923.66990.launchpad@ackee.canonical.com>
Reply-to: mp+309084@xxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Ah yes. After a successful oauth Amazon redirects the user to some page, which contain the needed credentials in the query string. That page needs to be whitelisted in Amazon's backend, and they only allow to whistelist httpS://bla URLs. With the sole exception of http://localhost or http://127.0.0.1.

This means I have two choices:
* Redirect to localhost and
  - show a blank page for remote setups (where the browser is not opened on the same machine as duplicity)
  - implement a web server that answers on localhost
* redirect to a public httpS page that works in all cases.

I think latter is both easier and works in all cases. As you already pointed out, in order to show a similar page on duplicity's homepage, http://duplicity.nongnu.org/ would need to be served over https (or at least offer a redirect that's https → http, although I am not sure Amazon would allow that). 

Of course, there is no technical requirement to show anything but a blank localhost page. It's just a tad confusing for the user. Ideally Amazon would offer such a basic instruction page themselves, but they don't -- or at least I couldn't find any.

Cheers
Stefan
-- 
https://code.launchpad.net/~breunigs/duplicity/amazondrive/+merge/309084
Your team duplicity-team is subscribed to branch lp:duplicity.

References

[Merge] lp:~breunigs/duplicity/amazondrive into lp:duplicity
From: Stefan Breunig, 2016-10-22