Describe the problem you're trying to solve

It would be cool if other apps could show a 'Login with Stacker News' button via OAuth 2.0.

When this button is clicked, users are redirected to Stacker News for authentication purposes and are shown which information will be shared with the other app. An app could also request to share access to the send+receive wallets a user has attached to their Stacker News account.

However, we need to make sure that we don't hand wallet credentials out in a way we can't reverse, especially for paying invoices.

This means that instead of directly giving external apps the sensitive wallet credentials, we probably would need to provide an API endpoint that they would use with an access token to create or pay invoices using the SN wallets of a user.

But since the actual call to the wallet always happens on the client device for spending, this API endpoint would then need to forward the invoice the app wants to have paid to the client device in some way while SN is not running in the foreground. This might be tricky but maybe service workers can help here?

@miketwenty1 has requested this for a game he's building and volunteered to be the first to implement it as an external app once we support this OAuth flow.

References:

• https://datatracker.ietf.org/doc/html/rfc6749
• https://oauth.net/2/
• https://developers.google.com/identity/protocols/oauth2

Describe the solution you'd like

• Turn Stacker News into an authorization server as defined by RFC 6749
• give external apps a secure and reversible way to use wallets a user has already attached to SN

Describe alternatives you've considered

No response

Additional context

No response