Closed gordonwoodhull closed 4 years ago
I again attempted to follow Basic authentication on Wikipedia and again failed:
eyeMac:rcloud gordon$ git diff packages/
diff --git a/packages/githubgist/R/do.R b/packages/githubgist/R/do.R
index f456baf6..b0570858 100644
--- a/packages/githubgist/R/do.R
+++ b/packages/githubgist/R/do.R
@@ -25,8 +25,7 @@ access.token.githubcontext <- function(query, ctx) {
result <- POST(paste(rcloud.config("github.base.url"), "login/oauth/access_token", sep=''),
config=accept_json(),
body=list(
- client_id=ctx$client_id,
- client_secret=ctx$client_secret,
+ Authorization=paste("Basic", base64encode(paste0(ctx$client_id, ':', ctx$client_secret))),
code=query["code"]))
l <- list(token=content(result)$access_token)
if (is.character(ret <- state$redirect) && length(ret) && nzchar(ret[1L]))
Invalid token, could not authenticate with the back-end
No, that's not the reported location (notice that it says /user
) - the OAUTH part is doing exactly what the API describes.
The issue is actually elsewhere - rgithub
passes client_secret
where it shouldn't https://github.com/att/rgithub/issues/2
Aha, it's objecting to the query parameters not the body.
Thanks, closing in favor of att/rgithub#2
Similar to att/rgithub#1, we are also getting a warning about
client_id
andclient_secret
I think this is the offending code, and their link about basic authentication may actually make sense here.
https://github.com/att/rcloud/blob/570ee40dbed67cbf8e44d3501b6e1a8d955044e4/packages/githubgist/R/do.R#L23-L35