beaugunderson
commented
6 years ago this is due to the caching middleware being on by default for every GET or HEAD view that returns a 200 status; Open Humans views can opt out with e.g. NeverCacheMixin and PrivateMixin but a method to turn off caching for /oauth2/ URLs would need another middleware, I think
When programming against our API this afternoon I ran into some troubles in which openhumans complained about the wrong redirect URLs. I had a super hard time debugging this. In the end it seems that the fault lay with our caching system that hadn't propagated my new URLs yet.
Todo: Make sure Oauth2 URLs are not subject to caching. 😂