I am a bit confused about which type of client to use for which scenario. I have a working auth flow using a Confidential client:
1. User clicks login, our server checks for their globus uuid in our system.
2. oauth2_start_flow(redirect_uri) begins.
3. User logs in to globus and grants us permission if needed.
4. They are redirected back to our site, we grab the code from the request args
5. oauth2_exchange_code_for_tokens(code)
6. etc...
However, when I tried to set up a transfer client (globus_sdk.TransferClient), the error message says that it's not compatible with Confidential clients and to use Native clients.
So I created a Native app client and now have both. However, when trying the auth flow with a Native app client, it fails due to an invalid scope (my redirect uri).
Are automated auth flows not possible with Native clients? I really do not want the user to have to type in a code every time they want to authenticate.
client = GlobusOperations().general_auth_client()
client.oauth2_start_flow(redirect_uri)
if "code" not in request.args:
auth_uri = client.oauth2_get_authorize_url()
return redirect(auth_uri)
else:
code = request.args.get("code")
token = client.oauth2_exchange_code_for_tokens(code)
go = GlobusOperations()
globus_uuid = go.general_auth_client(token)
Extra info: I am using the native client in hopes to be able to manage collections, transfer files, etc. As I understand it, it's not possible for a user to view and manage their own collections with the Confidential client. Or am I missing something?