juliogallardo1326 / oauth-signpost

Automatically exported from code.google.com/p/oauth-signpost
0 stars 0 forks source link

oauth_callback should go inside the authorization header #22

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
When creating a request token, the oauth_callback param is a query
parameter, whereas all other oauth_* parameters are inside the
Authorization header.

Original issue reported on code.google.com by chiragsh...@gmail.com on 4 Nov 2009 at 6:45

GoogleCodeExporter commented 8 years ago
Just wondering, is that a problem for your setup?

Original comment by m.kaepp...@gmail.com on 5 Nov 2009 at 10:02

GoogleCodeExporter commented 8 years ago
Weird. I just tried changing this so that the callback param goes in the Auth 
header, 
too, and Twitter starts replying 401s. I can't find a word in the standard why 
the 
oauth_callback would not be allowed in the Auth header, but I'll leave it in 
the query 
params for now if it causes providers to misbehave.

I'll see if I can sort this out with the Twitter and/or OAuth folks.

Original comment by m.kaepp...@gmail.com on 22 Jan 2010 at 8:51

GoogleCodeExporter commented 8 years ago
It may be needed for LinkedIn OAuth so I am voting for it. See
http://developer.linkedin.com/message/3450#3450

Regards
Nabeel Mukhtar

Original comment by nabeelmukhtar on 8 Feb 2010 at 6:33

GoogleCodeExporter commented 8 years ago
I've seen people using Signpost with LinkedIn successfully. Are you sure it's 
actually 
an issue? I just saw you replying in the thread you linked saying it was 
actually a 
problem with the timestamp?

Original comment by m.kaepp...@gmail.com on 24 Feb 2010 at 10:04

GoogleCodeExporter commented 8 years ago
Yes. Its currently not an issue. A linked in developer just hinted that its a
potential issue that can happen in the future. Its no longer high on my 
priority list.
Thanks for your help.

Original comment by nabeelmukhtar on 25 Feb 2010 at 5:04

GoogleCodeExporter commented 8 years ago
will be fixed in 1.2.1

Original comment by m.kaepp...@gmail.com on 12 Mar 2010 at 4:47

GoogleCodeExporter commented 8 years ago

Original comment by m.kaepp...@gmail.com on 14 Mar 2010 at 10:05