Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Your new implementation does not work as intended #23

Closed
gilles-crealp opened this issue Dec 7, 2022 · 4 comments
Closed

Your new implementation does not work as intended #23

gilles-crealp opened this issue Dec 7, 2022 · 4 comments
Labels
bug Something isn't working

Comments

@gilles-crealp
Copy link

Sorry, but your new implementation (version 2) do not work as intended.

  1. Optional parameters (like scope) are declared in data even if not set.
    The call oauth.clientCredentials(axios, 'https://example.com', 'foo', 'bar')() send grant_type=client_credentials&client_id=foo&client_secret=bar&scope= to the API.
  2. The parameters of the function returned by your first function do not end up correctly in data.
    The call oauth.clientCredentials(axios, 'https://example.com', 'foo', 'bar')('baz') send 0=b&1=a&2=z&grant_type=client_credentials&client_id=foo&client_secret=bar&scope= to the API.
@compwright
Copy link
Owner

  1. Optional parameters (like scope) are declared in data even if not set.
    The call oauth.clientCredentials(axios, 'https://example.com', 'foo', 'bar')() send grant_type=client_credentials&client_id=foo&client_secret=bar&scope= to the API.

Does this break things? An empty scope= parameter hasn't been an issue so far. What OAuth 2.0 implementation are you trying to use this with?

  1. The parameters of the function returned by your first function do not end up correctly in data.
    The call oauth.clientCredentials(axios, 'https://example.com', 'foo', 'bar')('baz') send 0=b&1=a&2=z&grant_type=client_credentials&client_id=foo&client_secret=bar&scope= to the API.

You're not doing it right. Either include the scope as the last parameter to oauth.clientCredentials(), or as an property to the function that oauth.clientCredentials() returns. For example:

oauth.clientCredentials(axios, 'https://example.com', 'foo', 'bar', 'baz')()

will send grant_type=client_credentials&client_id=foo&client_secret=bar&scope=baz.

Or:

const getClientCredentials = oauth.clientCredentials(axios, 'https://example.com', 'foo', 'bar')
getClientCredentials({ scope: 'baz' })

will send grant_type=client_credentials&client_id=foo&client_secret=bar&scope=baz.

@compwright compwright added the invalid This doesn't seem right label Dec 7, 2022
@gilles-crealp
Copy link
Author

Does this break things? An empty scope= parameter hasn't been an issue so far.

Yes, returning an 400 Bad Request error on a OAuth 2.0 implementation that I do not own...

You're not doing it right.

Yes, I know. But you must update your README.md documentation. 😉

@compwright compwright added bug Something isn't working and removed invalid This doesn't seem right labels Dec 7, 2022
compwright pushed a commit that referenced this issue Dec 7, 2022
fix: state-specific arguments did not work as documented
89804b8 
Resolves #21 , #23
@compwright
Copy link
Owner

Resolved in v2.0.1

@gilles-crealp
Copy link
Author

Thank you! 🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@compwright @gilles-crealp