search

Nico113 / mpoauthconnection

Automatically exported from code.google.com/p/mpoauthconnection
0 stars 0 forks source link

Expired request token #15

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Get a request token from the OAuth service provider.
2. Cancel the authorization, resulting in no access token.
3. Retry authorization.

The old request token is now stored in the keychain and MPOAuth will use
the stored request token for any subsequent authorization attempt,
resulting, correctly, in the service provider returning HTTP 401 responses.

What is the expected output? What do you see instead?
The request tokens should probably not be stored in the keychain. At the
very least they should be cleared when the service provider returns a 401
when trying to get the access token.

What version of the product are you using? On what operating system?
SVN revision 106

Original issue reported on code.google.com by morten...@gmail.com on 25 Mar 2009 at 8:22

GoogleCodeExporter commented 9 years ago 
MPOAuthNotificationRequestTokenRejected is now sent when this situation arises 
and the request token is 
deleted so that you can call -authenticate again on MPOAuthAPI and begin the 
dance anew

Original comment by karl.a...@gmail.com on 26 Mar 2009 at 6:13