Skip to content


Subversion checkout URL

You can clone with
Download ZIP


small change #3

wants to merge 1 commit into from

2 participants



I made a tiny change in the go-oauth code you wrote. It is working well for me and I've integrated it as my oauth1 support in my web toolkit. (Seven5 is the toolkit, hoping to push out a new release in the next couple of weeks.)

Anyway, when integrating go-oauth with evernote I found that evernote doesn't supply the oauth_token_secret at the 2nd token exchange. This is a documented behavior on their website, so I suppose they know what they are doing...

Please merge if you want, otherwise I'll leave it in my account.



I submitted e54801b to allow "" as a secret. Can you test this change and let me know if it works with Evernote?

If a flag is required for Evernote, then the flag should be specified in the Client struct instead of the method parameters. The flag is logically a per-client setting. Specifying the flag in the client avoids breaking existing users of the package.


I did a quick test with e54801b and found that it fixes the problem with Evernote.

@garyburd garyburd closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Jan 25, 2013
This page is out of date. Refresh to see the latest.
Showing with 5 additions and 5 deletions.
  1. +5 −5 oauth/oauth.go
10 oauth/oauth.go
@@ -363,7 +363,7 @@ func (c *Client) Post(client *http.Client, credentials *Credentials, urlStr stri
return client.Do(req)
-func (c *Client) request(client *http.Client, credentials *Credentials, urlStr string, params url.Values) (*Credentials, url.Values, error) {
+func (c *Client) request(client *http.Client, credentials *Credentials, urlStr string, allowEmptySecret bool, params url.Values) (*Credentials, url.Values, error) {
c.SignParam(credentials, "POST", urlStr, params)
resp, err := client.PostForm(urlStr, params)
if err != nil {
@@ -388,7 +388,7 @@ func (c *Client) request(client *http.Client, credentials *Credentials, urlStr s
if credentials.Token == "" {
return nil, nil, errors.New("No OAuth token in server result")
- if credentials.Secret == "" {
+ if credentials.Secret == "" && !allowEmptySecret {
return nil, nil, errors.New("No OAuth secret in server result")
return credentials, vals, nil
@@ -405,19 +405,19 @@ func (c *Client) RequestTemporaryCredentials(client *http.Client, callbackURL st
if callbackURL != "" {
params.Set("oauth_callback", callbackURL)
- credentials, _, err := c.request(client, nil, c.TemporaryCredentialRequestURI, params)
+ credentials, _, err := c.request(client, nil, c.TemporaryCredentialRequestURI, false, params)
return credentials, err
// RequestToken requests token credentials from the server. See
// for information about token
// credentials.
-func (c *Client) RequestToken(client *http.Client, temporaryCredentials *Credentials, verifier string) (*Credentials, url.Values, error) {
+func (c *Client) RequestToken(client *http.Client, temporaryCredentials *Credentials, verifier string, allowEmptySecret bool) (*Credentials, url.Values, error) {
params := make(url.Values)
if verifier != "" {
params.Set("oauth_verifier", verifier)
- credentials, vals, err := c.request(client, temporaryCredentials, c.TokenRequestURI, params)
+ credentials, vals, err := c.request(client, temporaryCredentials, c.TokenRequestURI, allowEmptySecret, params)
if err != nil {
return nil, nil, err
Something went wrong with that request. Please try again.