This modules provides a REST resource to get an OAuth authorization code for login by integrating with the Simple OAuth and the Verification API modules.
In some scenarious we want to login the user without the user actively providing the login credentials. E.g. when clicking a password reset link.
To accomplish this, this module provides a REST resource to request a OAuth authorization code, which can later be exchanged for an access token.
A authorization code can only be requested, if the request is verified via the Verification API (e.g. a verification code that has been sent to the user's e-mail account).
If the verification was successful, a authorization code is being generated for the given user.
Fore more information have a look at the Verification API docs.
This module requires a configured Consumer / Client with the Authorization Code Grant
enabled (the authorization code settings do not matter).
Do not forget to enable the REST resource and to set the correct permissions.
Grant the REST resource permission to anonymous users, otherwise login will not work!
The module only handles the generation of the auth code and requires additional modules to setup a complete workflow of handling e.g. passwordless login or a password reset.