docs: Add documentation for the browser auth feature

Author: xitij2000

auth/src/main/java/org/openedx/auth/data/api/AuthApi.kt

@@ -38,6 +38,7 @@ interface AuthApi {
         @Field("grant_type") grantType: String,
         @Field("client_id") clientId: String,
         @Field("code") code: String,
+        @Field("redirect_uri") redirectUri: String
     ): AuthResponse
 
     @FormUrlEncoded

auth/src/main/java/org/openedx/auth/data/repository/AuthRepository.kt

@@ -49,6 +49,7 @@ class AuthRepository(
             grantType = ApiConstants.GRANT_TYPE_CODE,
             clientId = config.getOAuthClientId(),
             code = code,
+            redirectUri = "${config.getApplicationID()}://oauth2Callback"
         ).mapToDomain().processAuthResponse()
     }
 

core/src/main/java/org/openedx/core/config/Config.kt

@@ -27,6 +27,10 @@ class Config(context: Context) {
         return getString(API_HOST_URL, "")
     }
 
+    fun getApplicationID(): String {
+        return getString(APPLICATION_ID, "")
+    }
+
     fun getOAuthClientId(): String {
         return getString(OAUTH_CLIENT_ID, "")
     }
@@ -139,6 +143,7 @@ class Config(context: Context) {
 
     companion object {
         private const val API_HOST_URL = "API_HOST_URL"
+        private const val APPLICATION_ID = "APPLICATION_ID"
         private const val OAUTH_CLIENT_ID = "OAUTH_CLIENT_ID"
         private const val TOKEN_TYPE = "TOKEN_TYPE"
         private const val FAQ_URL = "FAQ_URL"

docs/0001-strategy-for-data-streams.rst …sions/0001-strategy-for-data-streams.rstdocs/0001-strategy-for-data-streams.rst renamed to docs/decisions/0001-strategy-for-data-streams.rst docs/0001-strategy-for-data-streams.rst renamed to docs/decisions/0001-strategy-for-data-streams.rst

@@ -0,0 +1,45 @@
+How to user Browser-based Login and Registration
+================================================
+
+Introduction
+------------
+
+If your Open edX instance is set up with a custom authentication system that requires logging in
+via the browser, you can use the ``BROWSER_LOGIN`` and ``BROWSER_REGISTRATION`` flags to redirect
+login and registration to the browser.
+
+The ``BROWSER_LOGIN`` flag is used to redirect login to the browser. In this case clicking on the
+login button will open the authorization flow in an Android custom browser tab and redirect back to
+the application.
+
+The ``BROWSER_REGISTRATION`` flag is used to redirect registration to the browser. In this case
+clicking on the registration button will open the registration page in a regular browser tab. Once
+registered, the user will **not** be automatically redirected to the application.
+
+Usage
+-----
+
+In order to use the ``BROWSER_LOGIN`` feature, you need to set up an OAuth2 provider via
+``<LMS>/admin/oauth2_provider/application/`` that has a redirect URL with the following format
+
+    ``<application id>://oauth2Callback``
+
+Here application ID is the ID for the Android application and defaults to ``"org.openedx.app"``. This
+URI scheme is handled by the application and will be used by the app to get the OAuth2 token for
+using the APIs.
+
+Note that normally the Django OAuth Toolkit doesn't allow custom schemes like the above as redirect
+URIs, so you will need to explicitly allow the by adding this URI scheme to
+``ALLOWED_REDIRECT_URI_SCHEMES`` in the Django OAuth Toolkit settings in ``OAUTH2_PROVIDER``. You
+can add the following line to your django settings python file:
+
+.. code-block:: python
+
+    OAUTH2_PROVIDER["ALLOWED_REDIRECT_URI_SCHEMES"] = ["https", "org.openedx.app"]
+
+Replace ``"org.openedx.app"`` with the correct id for your application. You must list all allowed
+schemes here, including ``"https"`` and ``"http"``.
+
+The authentication will then redirect to the browser in a custom tab that redirects back to the app.
+
+NOTE: If a user logs out from the application, they might still be logged in, in the browser.

docs/how-tos/auth-using-browser.rst

@@ -0,0 +1,8 @@
+"How-To" Guides
+###############
+
+
+.. toctree::
+:glob:
+
+*