jcoglan
commented
10 years ago This library implements draft-10, which allows code, token, and code_and_token. The RFC allows code and token -- see section 3.1.1.
Closed ahadinyoto closed 10 years ago
jcoglan
commented
10 years ago This library implements draft-10, which allows code, token, and code_and_token. The RFC allows code and token -- see section 3.1.1.
ahadinyoto
commented
10 years ago Noted that. Thanks for the clarification.
In the example/application.rb the expected initial request as given in the commented line is:
With RFC 6749 section 4.1.1 , the only allowable
response_typeiscode.I'm using Omniauth-OAuth2 which seems to adhere to the current RFC standard which won't allow the
response_typeto be changed to anything else. This has affected the flow in the example/application.rb.Reference: http://stackoverflow.com/questions/6354262/omniauth-cant-change-response-type-to-token-in-strategy