I’m in the process of converting my application that displays WeatherFlow data on a TV using a ROKU streaming device to use OAuth2 for authentication. Currently it works, but uses a developer key hard-coded in the web call.
The language used by ROKU is basically Javascript with an add-on ultimately making it Brightscript.
I cannot get the HTTP POST parameters correct (I think that’s my problem). Regardless of what I’ve tried I get a 401 response (unauthorized).
A few questions:
-
Once I get the AUTHORIZATION CODE from the initial web call and it’s returned to my provided URL is there a time limit associated with the use of that AUTHORIZATION CODE?
-
Once that AUTHORIZATION CODE is used and “fails”, i.e. returns 401 (unauthorized), is it still usable and can be tried again?
-
Once this works and I get a TOKEN, I haven’t seen any examples about how to use the TOKEN. Are there any good examples somewhere?
-
Once it works does that TOKEN permit viewing any station data that is sharing publicly?
-
Just wondering if this is the best way to implement this type of authentication. My application is running on a ROKU streaming device that is not a web-browser. So that means I will need to present the AUTHORIZATION CODE to the user on a computer then have them input a 36 character alpha numeric string into a TV interface with a TV remote control. If this is the only option then that’s OK just making certain I don’t have other options?
In my attached example I have hard-coded the strings into the POST parameters for troubleshooting purposes, will convert to variables once working.
Thank you in advance !