posit-dev
feat: check if running on Connect and grab user session token within get_oauth_credentials()
When using connectapi to exchange the user session token for an OAuth access token the environment check and user session token acquisition occur outside of the connectapi package, ex:
# check if running on Posit Connect
if (Sys.getenv("RSTUDIO_PRODUCT") == "CONNECT") {
# initialize Connect API client
client <- connect()
# read the user-session-token header
user_session_token <- session$request$HTTP_POSIT_CONNECT_USER_SESSION_TOKEN
# grab the OAuth Integration access token using the session token
credentials <- get_oauth_credentials(client, user_session_token)
token <- credentials$access_token
We should build this into connectapi.
When running applications in Connect which use the connectapi package, the behavior should be what our users expect to happen. Which is the application uses the viewers credentials by default, instead of the content owners (e.g., CONNECT_API_KEY) credentials. This will break deployment by default, if the content owner has not setup the oauth integration. Therefore, the should be directed towards how to do that when it occurs.
When running locally, the CONNECT_API_KEY should be used.
Closing this as a duplicate of #384 — that's where more of my thoughts are. The conditional check described above is necessary, but this is a problem with documentation, I think.
