Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AuthCodeURL should not include empty values #41

Closed
GoogleCodeExporter opened this issue Mar 25, 2015 · 5 comments
Closed

AuthCodeURL should not include empty values #41

GoogleCodeExporter opened this issue Mar 25, 2015 · 5 comments
Labels
auto-migrated Priority-Medium Type-Defect

Comments

@GoogleCodeExporter
Copy link 

What steps will reproduce the problem?
1. Use an oauth.Config that doesn't make use of optional fields like Scope, 
AccessType, or ApprovalPrompt.
2. Call config.AuthCodeURL(foo). Useless parameters are included in the URL.

What is the expected output? What do you see instead?

I expect to see something like this:

https://example.com/auth?client_id=ClientId&redirect_uri=http%3A%2F%2Flocalhost%
3A8080%2Fhandler&response_type=code&state=foo

But instead I see this:

https://example.com/auth?access_type=&approval_prompt=&client_id=ClientId&redire
ct_uri=http%3A%2F%2Flocalhost%3A8080%2Fhandler&response_type=code&scope=&state=f
oo

What version of the product are you using? On what operating system?


Please provide any additional information below.

Original issue reported on code.google.com by griffin...@gmail.com on 26 Aug 2014 at 3:40
@GoogleCodeExporter
Copy link
Author 

https://codereview.appspot.com/130560044

Original comment by a...@golang.org on 26 Aug 2014 at 8:09

  • Changed state: Started
  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author 

I took a look at your proposed changes and noticed you don't consider scope to 
be an optional parameter, but the client *is* allowed to omit it [1], and that 
seems to me to be the only reasonable behavior for services with no documented 
scope strings. For example, the Harvest API doesn't make any use of it [2].

[1]: http://tools.ietf.org/html/draft-ietf-oauth-v2-31#section-3.3
[2]: https://github.com/harvesthq/api/blob/master/Authentication/OAuth%202.0.md

Original comment by griffin...@gmail.com on 26 Aug 2014 at 3:42

  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author 

This issue was closed by revision 80c87b4b6700.

Original comment by a...@golang.org on 27 Aug 2014 at 1:41

  • Changed state: Fixed
  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author 

Thanks for your feedback. I made the scope and redirect uri fields optional too

Original comment by a...@golang.org on 27 Aug 2014 at 4:08

  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author 

Thanks, it was a simple issue but I still didn't expect such a quick turnaround 
time!

Original comment by griffin...@gmail.com on 27 Aug 2014 at 6:15

  • Added labels: ****
  • Removed labels: ****

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auto-migrated Priority-Medium Type-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GoogleCodeExporter