Using OAuth for both development and production environments

Question

I have seen other questions on SO about this (here, here, and here), but I am not satisfied with any of the solutions, so I am asking it again. I am starting a web application t

Answer 1

I have yet to find a less manual approach that enables dev access to all concerned devices:

1. Assign each developer's machine a fixed IP through the local network's DHCP system based on their MAC address, or (less recommended) have them choose an IP and hope for the best
2. (optional*) Assign each developer's machine a DNS hostname in the local network based on that IP
3. Register an oauth entry for developer on each provider with the hostname of the developer's machine.
4. Each developer configures their application to use their unique oauth dev tokens.

Assuming all the devices in the network rely on the same DHCP and DNS servers you'll then be able to visit alice.dev.myapp.com or bob.dev.myapp.com from any device on the network.

Note, you'd manage the oauth configuration for each an every other environment separately, but following the same approach.

There are likely tools to automate registering a developer's machine IP and hostname to ease that part of the puzzle. Registering the oauth config on each provider per dev is the most tedious step.

UPDATE

*You can skip the DNS part if you use a xip.io url e.g. 10.0.0.123.xip.io if you know Alice is 10.0.0.123, but you'd still want that IP to be fixed as you don't want to keep updating the url for the oauth tokens in step 4.