uafrica / oauth-server

OAuth Server

Question: why allow authorize in controller? #56

Open irongomme opened 7 years ago

irongomme commented 7 years ago

Why does the controller allow the authorize action, whereas the user / app needs to be authenticated to access the authorize action? Moreover, the authorize action does a check to see if we are authenticated, otherwise it triggers a redirection to the auth login action... Could this be more efficient if we do not allow the authorize action, and let Cake's AuthComponent do the redirect? Because letting Cake do this makes the redirection work after login, otherwise we are redirected to the home page...

So I suggest, in OAuthController:

What do you think about it?

sukihub commented 7 years ago

Hi, you are right, I did this in #58 :) The reason for this was that the OAuth spec requires the authorize action to check OAuth params before it does the login redirect :)
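
The ordering discussed above (validate the OAuth parameters first, redirect to login afterwards, and keep the authorize URL so the flow resumes after login), as an added example that is not part of the thread or of the project's code. It is plain PHP with no CakePHP calls; the client registry, the `/oauth/authorize` and `/users/login` paths and the `redirect` parameter are hypothetical.

```php
<?php
// Added illustration; not code from uafrica/oauth-server.
// Constructed client registry: client_id => exact registered redirect URIs.
const CLIENTS = [
    'demo-client' => ['https://client.example/callback'],
];

/**
 * Decide what the authorize endpoint does with a request.
 * Returns [httpStatus, locationOrMessage].
 */
function authorizeDecision(array $query, bool $loggedIn, string $requestUri): array
{
    $clientId = $query['client_id'] ?? '';
    $redirectUri = $query['redirect_uri'] ?? '';

    // 1. Unknown client or unregistered redirect_uri: report the error locally.
    //    Never redirect to a URI that has not been validated.
    if (!is_string($clientId) || !isset(CLIENTS[$clientId])
        || !in_array($redirectUri, CLIENTS[$clientId], true)) {
        return [400, 'invalid client_id or redirect_uri'];
    }

    // 2. Other parameter errors go back to the validated redirect_uri.
    //    Assumption: this server only supports response_type=code.
    if (($query['response_type'] ?? '') !== 'code') {
        $params = ['error' => 'unsupported_response_type'];
        if (isset($query['state']) && is_string($query['state'])) {
            $params['state'] = $query['state'];
        }
        return [302, $redirectUri . '?' . http_build_query($params)];
    }

    // 3. Only now send an anonymous user to login, carrying the full
    //    authorize URL so the flow resumes after authentication.
    if (!$loggedIn) {
        return [302, '/users/login?' . http_build_query(['redirect' => $requestUri])];
    }

    return [200, 'show consent screen'];
}

// Constructed requests: one valid, one with an unregistered redirect_uri.
$good = ['client_id' => 'demo-client', 'redirect_uri' => 'https://client.example/callback',
         'response_type' => 'code', 'state' => 'xyz'];
print_r(authorizeDecision($good, false, '/oauth/authorize?' . http_build_query($good)));
$bad = ['redirect_uri' => 'https://unregistered.example/cb'] + $good;
print_r(authorizeDecision($bad, false, '/oauth/authorize?' . http_build_query($bad)));
```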