For a smooth login experience, we should persist the following in the OS credential manager (Keychain on macOS, Windows Credential Manager, libsecret/keyring on Linux):
- client id
- client secret
- refresh token
The Coder server implements Dynamic Client Registration (RFC 7591): each installation registers itself and gets its own unique client_id and client_secret, which can be stored in the OS keyring.
Other notes:
- access token, discard on exit
- access token expiry, needed only for the duration of the session
- code verifier, delete after token exchange
- state, delete after redirect verification
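
The lifecycle listed above, as an added sketch that is not Coder's own code: the `MemoryKeyring` class is a constructed stand-in for the OS credential manager, and the class names, method names, service name and token response fields shown are assumptions.

```python
import base64, hashlib, hmac, secrets, time

class MemoryKeyring:
    """Constructed stand-in for the OS credential manager (hypothetical interface)."""
    def __init__(self):
        self.items = {}
    def set(self, service, name, value):
        self.items[(service, name)] = value
    def get(self, service, name):
        return self.items.get((service, name))

class OAuthSession:
    """Persists only client id, client secret and refresh token; the rest is memory-only."""
    def __init__(self, keyring, service="coder-example"):  # service name is an assumption
        self.keyring, self.service = keyring, service
        self.access_token, self.expires_at = None, 0.0
        self._verifier = self._state = None

    def save_registration(self, client_id, client_secret):
        # Result of Dynamic Client Registration, kept across restarts.
        self.keyring.set(self.service, "client_id", client_id)
        self.keyring.set(self.service, "client_secret", client_secret)

    def begin_authorization(self):
        # Fresh PKCE verifier and state for each authorization attempt.
        self._verifier = secrets.token_urlsafe(64)
        self._state = secrets.token_urlsafe(32)
        digest = hashlib.sha256(self._verifier.encode()).digest()
        challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode()
        return {"state": self._state, "code_challenge": challenge,
                "code_challenge_method": "S256"}

    def verify_redirect(self, returned_state):
        # State is single use: dropped whether or not the comparison succeeds.
        expected, self._state = self._state, None
        return expected is not None and hmac.compare_digest(
            expected.encode(), returned_state.encode())

    def take_verifier(self):
        # Hand the verifier to the token exchange once, then forget it.
        verifier, self._verifier = self._verifier, None
        return verifier

    def store_tokens(self, response):
        self.access_token = response["access_token"]  # memory only
        self.expires_at = time.monotonic() + response["expires_in"]
        if "refresh_token" in response:
            self.keyring.set(self.service, "refresh_token", response["refresh_token"])

    def close(self):
        # On exit the access token and its expiry are discarded.
        self.access_token, self.expires_at = None, 0.0
```

A real client would replace `MemoryKeyring` with a binding to Keychain, Windows Credential Manager or libsecret and keep the same split between persisted and in-memory values.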