p2 / OAuth2

OAuth2 framework for macOS and iOS, written in Swift.

authorizeURLWithParams wipe away query params #105

Closed pjechris closed 8 years ago

pjechris commented 8 years ago

Hi there,

I'm stuck while trying to refresh a token. My token_uri does contain a query parameter that is required by my OAuth agent. This query parameter is successfully sent when requiring an access_token but wiped away when refreshing it. From what I've seen in the code, there's something strange happening inside authorizeURLWithParams:

// compose the URL query component
comp!.percentEncodedQuery = OAuth2.queryStringFor(params)

=> query parameters are replaced by OAuth2 parameters (which will be moved into the HTTP request body later on).

Thanks,

p2 commented 8 years ago

The code you're quoting is a class function that just converts the params dictionary into a string.

But yes, additional params are not yet forwarded to the token refresh call. What is the additional parameter, has it to do with authentication? Is it the same parameter you're sending during the authorize call or is it separate?

pjechris commented 8 years ago

It is used by my OpenAM server to identify which realm to use for identification. Maybe I can find a way to configure it directly on the server. Nonetheless behaviour is not consistent as token_uri is unchanged when requesting an access_token while being modified when refreshing one.

p2 commented 8 years ago

So parameter is the same during auth and refresh?

Can you show how token_uri is not changed and what changes when refreshing? I'm not sure I follow.

pjechris commented 8 years ago

My token_uri is "https://servername.com/oauth2/access_token?realm=/gvd". When requesting an access token, the URL is "https://servername.com/oauth2/access_token?realm=/gvd". When refreshing the token, the URL becomes "https://servername.com/oauth2/access_token". My query parameter is missing, making the request fail.

p2 commented 8 years ago

Ok thanks, that helps. The way it should work is that you use https://servername.com/oauth2/access_token as token_uri and then pass the extra parameter during authorize:

oauth2.authorize(params: ["realm": "/gvd"])

Right now these parameters are not forwarded to the token refresh call, which it seems they should be.

p2 commented 8 years ago

I've just pushed an update to master, can you test whether refresh now works, using it as shown in my previous comment?

pjechris commented 8 years ago

Ok it works, thanks!
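
The behaviour discussed in this thread, as an added example that is not code from the p2/OAuth2 project or from either commenter: a refresh request that leaves the token endpoint's existing query (`?realm=/gvd`) untouched and sends the OAuth2 parameters, plus any extra ones, form-encoded in the body. RFC 6749 section 3.2 requires a token endpoint's query component to be retained. The names `formEncode` and `refreshRequest`, the `my_app` client id and the sample token are hypothetical, and the sketch assumes a public client that identifies itself with `client_id` in the body.

```swift
import Foundation

// Hypothetical helpers, not part of p2/OAuth2.

/// Characters left unescaped in a form-encoded body (RFC 3986 "unreserved").
let formAllowed = CharacterSet(charactersIn:
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~")

/// Encodes a dictionary as application/x-www-form-urlencoded, keys sorted
/// so the output is deterministic. "+", "/" and "=" in values are escaped.
func formEncode(_ params: [String: String]) -> String {
    return params.sorted { $0.key < $1.key }.map { pair in
        let k = pair.key.addingPercentEncoding(withAllowedCharacters: formAllowed) ?? pair.key
        let v = pair.value.addingPercentEncoding(withAllowedCharacters: formAllowed) ?? pair.value
        return "\(k)=\(v)"
    }.joined(separator: "&")
}

/// Builds a refresh_token request. `extra` carries additional parameters
/// (such as the ones passed to authorize) that the server also expects on refresh.
func refreshRequest(tokenURL: URL, refreshToken: String, clientId: String,
                    extra: [String: String] = [:]) -> URLRequest {
    // Start from the extras, then set the OAuth2 fields so that an extra
    // parameter can never override grant_type or refresh_token.
    var body = extra
    body["grant_type"] = "refresh_token"
    body["refresh_token"] = refreshToken
    body["client_id"] = clientId

    // The URL is used as configured: its query component is never reassigned,
    // so a parameter such as ?realm=/gvd reaches the server on refresh too.
    var req = URLRequest(url: tokenURL)
    req.httpMethod = "POST"
    req.setValue("application/x-www-form-urlencoded; charset=utf-8",
                 forHTTPHeaderField: "Content-Type")
    req.httpBody = formEncode(body).data(using: .utf8)
    return req
}

// Constructed sample values: the token_uri from the thread and a made-up token.
let tokenURL = URL(string: "https://servername.com/oauth2/access_token?realm=/gvd")!
let request = refreshRequest(tokenURL: tokenURL, refreshToken: "abc+123/==",
                             clientId: "my_app")
print(request.url!.absoluteString)
print(String(data: request.httpBody!, encoding: .utf8)!)
```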