tejado
Option to login with token only
This is different then issues where people talk about saving the token once you login and re-use it. I'm talking about logging in with only token. java api has this feature.
https://github.com/Grover-c13/PokeGOAPI-Java
It's just very bad for security, it shows in your history and process list.
http://serverfault.com/questions/592744/how-to-hide-a-password-passed-as-command-line-argument
Token is much safer alternative, and if it is compromised somehow; you won't lose your whole account.
I'm more familiar with the java pogo api, they use the access_token and refresh it every 5 min to get refresh_token so you never need to enter anything else. We can do something similar here.
I implemented also authentication tickets. They are refreshed before they expire. But you are correct, I have to implement a way that the user of the lib can provide an oauth token and not the google/ptc credentials itself.
I'd love to see the implementation of a refresh token. Authorization to my google account is not managed by google, so the current google credential method does not work. Would also allow others to provide me with a refresh token so I can do an inventory dump for them.
