oauth
OAuth Skill
This skill provides guidance for OAuth 2.0 and OpenID Connect implementations.
OAuth 2.0 Flows
Authorization Code Flow (Recommended for web apps)
1. User → App: Click "Login with Google"
2. App → Auth Server: Redirect with client_id, redirect_uri, scope
3. User → Auth Server: Authenticate and consent
4. Auth Server → App: Redirect with authorization code
5. App → Auth Server: Exchange code for tokens
6. Auth Server → App: Access token + refresh token
PKCE Extension (Required for SPAs/mobile)
# Generate code verifier and challenge
More from jpoutrin/product-forge
rfc-specification
RFC (Request for Comments) specification writing with objective technical analysis. Use when creating technical specifications, design documents, or architecture proposals that require structured evaluation of options and trade-offs.
11generate-tasks
Convert PRD to structured task list with automatic linking
6brainstorm-solution
Structured brainstorming for technical solutions
5typescript-import-style
Merge-friendly import formatting (one-per-line, alphabetical). Auto-loads when writing TypeScript/JavaScript imports to minimize merge conflicts in parallel development. Enforces consistent grouping and sorting.
5typescript-code-review
TypeScript and React code review guidelines (type safety, React patterns, performance). Auto-loads when reviewing TypeScript/React code.
5zod
Zod schema validation patterns and type inference. Auto-loads when validating schemas, parsing data, validating forms, checking types at runtime, or using z.object/z.string/z.infer in TypeScript.
5