Problem when supplying an erroneous ClientID

urgrue / Java-Twitch-Api-Wrapper

An asynchronous java wrapper for interaction with the Twitch API

MIT License

28 stars 23 forks source link

Problem when supplying an erroneous ClientID #17

Open Gikkman opened 8 years ago

Gikkman commented 8 years ago

If you supply a ClientID which doesn't map to a valid ClientID, or if your RedirectURI does not match the registered RedirectURI, it seems like the .awaitAccessToken() command never returns.

I've tried a lot of different techniques for hacking my way around it but I cannot seem to understand the underlying Authorization process. Is it possible to either A) interrupt the awaitAccessToken() (and make it release its resources) or B) make it detect that the ClientID is not valid?

Gikkman commented 8 years ago

I've found that this problem stems from row 78 in AuthenticationCallbackServer.java. When the .accept()request never sees an incoming connection, it will block indefinitely. In case the ClientID is incorrect, an incoming connection will never occur.

An easy solution would be to add a timeout to the server socket, say about 1-2 minutes. If the user did make a choice within that time, we can assume he will not make on at all.