oauth_callback can't be URL encoded when passing with GET

[arbel03]

Hi! I am implementing my own OAuth1 handler and when trying to pass the oauth_callback I received a "URL Callback invalid" error multiple times, when I changed my code of getting the query string that should look like this:

oauth_callback=...&oauth_consumer_key=...&oauth_nonce=...&oauth_signature=...&oauth_signature_method=HMAC-SHA1&oauth_timestamp=...&oauth_version=1.0

With the parameters URL encoded to this:

    return getOAuthString(seperator: "&", format: { (key, value) -> String in
            //oauth_callback shouldn't be url encoded.

            final_value = key == "oauth_callback" ? value : value.urlEncoded()
            return "\(key)=\(final_value)"
    })

It suddenly worked. a URL decode would help there a lot 👍 . Thanks!

[larssn]

See this old pull request https://github.com/WP-API/OAuth1/pull/92

Basically, the oauth_callback url gets double encoded. Our current workaround is to double encode this param as well... to make the handshake work.

In JS (our params object):

const params = this.toRfc3986(`oauth_callback=${this.toRfc3986(callbackUrl)}&oauth_consumer_key=${key}&oauth_nonce=${nonce}&oauth_signature_method=${sigMet}&oauth_timestamp=${ts}&oauth_version=${ver}`);

Seeing as that pull request is from 2015, not sure it's on anyone's todolist.