Hello everyone!
Today we announce that Codeforces now supports OpenID Connect — authentication protocol based on the OAuth 2.0. This allows third-party websites to implement logging in with Codeforces.
If you want to implement this for yourself, create an OAuth app in API settings.
Codeforces includes user's handle, current rating and avatar url as part of the id token.
Let us know if you hit any issues!
just doesnt feel the same as submitting a compilation error on problem 1789B
Why do you have 0 rating in the example instead of 2250?
screenshot is from local dev env where I have not solved a single problem. 0 is returned for unrated users
Mhm.. This would replace submitting a compilation error on problem 1869/A
so true lol
now logging in is constant time complexity
This is good but I think Codeforces should also implement 2FA to make this feature more secure. Having only a password to secure the account is a bit inadequate when it is linked to other services.
Is giving permission good or bad for us?
kuviman orz
Is there any documentation to integrate this feature?
[DELETE]
yeah, I am also trying to figure out how this works
No official doc yet — just follow standard OpenID Connect. Create an OAuth app in API settings, use authorize and token endpoints, request openid scope. Any OIDC client library will work.
[DELETE]
If anyone else (like me) has no clue how to use this, I made a working example for reference
You should be able to use any OIDC library, or follow the spec. Just point your client to the OIDC discovery endpoint (or use authorization and token endpoints listed there), and give it your client id & secret.
Optimize the user experience in China 优化中国用户体验
does that mean we could revive the cf-tools somehow?
You should also add option to change username anytime! So, that we don't have to wait a whole year for it.
I think they are using it somewhere as a key for a key-value pair, that may be a good reason to not allow changing the username every time. I am assuming this though
I suggest Luogu admins consider using this to verify one's Codeforces account so we don't have to give away the password
It only verifies your account. Luogu still do not have permission to submit your code.
Wait, you guys have been literally giving your Codeforces password to Luogu this entire time????????
Not me but a lot of people did, especially when remote judge was still a thing
What is a uri, or do the developers want to say url ?
URI is a thing
its url no uri, and it is the link of something like codeforces.com
this is the URL of codeforces
But the oauth adding page uses uri.
A generic term for any identifier that refers to a resource. It's a superset that includes both URLs and URN
It is really awesome, now it would be easy to implement authentication in CF Battleground.
Wow!!! Now, feeling like log in is just O(1) time complexity.
This is a really nice addition, thanks for rolling out OAuth / OIDC!
While you’re working on expanding the API surface, could you also consider exposing partial scoring details for IOI style problems in the API? Right now
user.statusandcontest.statusonly return the overallpointsfield (e.g. 55/100), but on the submission page you can click “Perfect result: 100 points” to see the full judgement protocol with subtasks and per-test breakdown. Having that information available via API would be super useful.Would it be possible to add an endpoint or extend the existing
Submissionobject to include this protocol (at least at the subtask level)?is it possible to add email to the id token?
Can I create an OAuth App instance only for developing(i.e. in local network)?
It keeps returning a 401, regardless. Could you please fix it?