Discussion on Implementing OAuth and Kakao in Xano
In this meeting, the State Changers discussed about their ongoing project, addressing specifically the implementation and use of OAuth and Kakao. The discussion revolved around token decoding, setting permissions, and utilizing cryptographic signatures for user verification.
Specific tools and processes they discussed include:
1. JWT (JSON Web Tokens): They explored a deep dive on how these tokens work, specifically how they are cryptographically signed to ensure their provenance. To validate the JWTs, they needed access to a public key.
2. Xano: Tools from Xano were utilized for data manipulation, such as creating variables for storing fetched keys and performing operations such as splitting, decoding, and filtering data.
3. Cryptography: Discussed extensively on how to decode and interpret the cryptographic data. The process involved base64 decoding and subsequent JSON decoding to obtain meaningful data from the cryptographic signature.
The team also encountered some issues during the implementation process which they debugged together. They implemented dynamic key pulling to replace hard-coded values and tested each step to validate their solution. The discussion highly focused on good security practice and anti-forgery measures.