Closed DeadSuperHero closed 1 month ago
Hi, you're right, thank you for pointing this out! I realize that so far we relied on the fact that the WordPress site didn't have a closely matching post slug for the oauth/authorize
endpoint. I'll add the necessary rewrite config.
When I try to log in with this plugin, the default redirect behavior of WordPress navigates to the article with the closest spelling possible. It navigates to this: https://wedistribute.org/2023/12/authorized-fetch-circumvented/
The URL I'm directed to is that article, with a question mark reflecting the string of
client_id
, values ofscope
, theredirect_uri
value, and theresponse_type
.It looks like the default behavior of WordPress skips over the actual OAuth URL and goes straight to this article instead.