I am sure there is something I fundamentally do not understand about oath2.
I am trying to make django-rest-framework and react work w/ fusionauth.
In react I have a button that redirects to the fusionauth authentication page. Once a user successfully logs into fusionauth, it sends a code to a redirect URL on the django backend. That DRF view exchanges the code for an authentication token and some other other info like an ID. Using that ID, I can find a corresponding (local) django user and generate a JWT token (or whatever sort of authentication system I wind up using) for that user and return it as JSON.
The bit I don't understand, is how do I pass that JSON back to the frontend?
I did eventually get this working. My solution was to make the redirect URL from FusionAuth goto the frontend. Once the frontend is passed an authorization code (just a URL Parameter in the GET), then it passed that code to the backend using a standard fetch. The backend returned w/ tokens and user details. Once those got stored in state, the frontend knew the user was authenticated.