Closed ryancwalsh closed 3 months ago
To use https://api.schwabapi.com/v1/oauth/
as a base url and an authorize
endpoint directly below it, use:
{
server: 'https://api.schwabapi.com/v1/oauth/', // note the final slash
authorizationEndpoint: 'authorize' // no slash at the start
}
By default authorizationEndpoint
is /authorize
, and the standard rules for expanding relative urls are applied, like:
new URL(authorizationEndpoint, server);
Ah, yes!
Makes sense!
I'm curious:
https://github.com/badgateway/oauth2-client?tab=readme-ov-file#usage has defaults with preceding slashes:
tokenEndpoint: '/token',
authorizationEndpoint: '/authorize',
Any thoughts on making those defaults not have preceding slashes and instructing in the docs that the "server" should end in a slash?
The Oauth2 flows I've seen are always at a path like /v1/oauth/...
, and I wonder if that's the case for most other people too, in which case it seems like default endpoints would be more convenient without the preceding slash.
I'm no expert, so it's just food for thought.
In any case, your suggestion works for me, so I'm all set.
Thanks!
It's a fair point. Something to consider for a future BC break version. Also perhaps something that can be clarified in the docs.
I'm hoping more people will simply use the discovery document. Way better to just let the server tell the client where everything can be found!
I thought this would work (notice the value of "server"):
But then
getAuthorizeUri()
returnshttps://api.schwabapi.com/authorize?client_id=id&response_type=code&redirect_uri=________&scope=readonly
, where the URL is missing/v1/oauth
.It should instead return
https://api.schwabapi.com/v1/oauth/authorize?client_id=id&response_type=code&redirect_uri=________&scope=readonly
.A workaround would be for me to prepend
/v1/oauth
to the values forauthorizationEndpoint
andtokenEndpoint
, but it would be convenient to just leave them appended to "server".Am I misunderstanding something?
Thanks!