New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add callback URL to authorization URL, not request token URL #373
Conversation
It looks like the callback URL is currently being added as a parameter on the request token URL, but it should really be part of the authorization URL. This change adds the callback to the authorization URL.
could you need why you are doing this? postOAuthRequestToken already send the callbackurl |
I believe this is a bug. I need to include a callback URL when sending the user to the authentication page. However, when OAuth1Swift constructs the authorization URL, it's only using the value in I expect to be able to do the following:
When I do that, I expect the URL called in the authorization step (step 2) to be: However, the current functionality is that the generated URL is: |
I have the same requirement as @tschmitz for TripIt. Use auth URL should be of the form: Is there a work-around? Thanks. |
please refer to the RFC https://tools.ietf.org/html/rfc5849 For me accepting here the callback url, is a security issue The only thing I can accept is a boolean to configure oauth swift to add this functionality |
That would work for me. |
Original author could update its PR or you can make a new one |
That would work for me as well. (Sorry for the slow response - been out of town for a few days.) I'd rather defer to you on the best way to implement rather than updating this PR. |
76c7873 |
It looks like the callback URL is currently being added as a parameter on the request token URL, but it should really be part of the authorization URL. This change adds the callback to the authorization URL.