Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

generateAuthUrl doesn't pass state token #71

Closed
rodrigogoncalves opened this issue Jan 18, 2016 · 3 comments
Closed

generateAuthUrl doesn't pass state token #71

rodrigogoncalves opened this issue Jan 18, 2016 · 3 comments
Assignees
@murgatroid99
Labels
🚨 This issue needs some love. triage me I really want to be triaged.

Comments

@rodrigogoncalves
Copy link

Should the generateAuthUrl method from OAuth2Client accept a state param in order to generate an auth url that provides anti-forgery unique session token validation?

The implementation flow suggested by Google (link) uses an auth url with the state param.
@murgatroid99
Copy link
Contributor

As far as I can tell, that is already supported. If you call generateAuthUrl({state: state}), then that should be propagated to the output. The same is true of any other parameter that can go into the auth library.

@rodrigogoncalves
Copy link
Author

It is true, that parameter is sent back in the response. It was just undocumented.

@yoshi-automation yoshi-automation added triage me I really want to be triaged. 🚨 This issue needs some love. labels Apr 6, 2020
@rodrigogoncalves rodrigogoncalves removed their assignment Feb 1, 2021
@rodrigogoncalves rodrigogoncalves removed their assignment Feb 1, 2021
@rodrigogoncalves
Copy link
Author

Please @JustinBeckwith, do not assign this to me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@murgatroid99 murgatroid99

Labels
🚨 This issue needs some love. triage me I really want to be triaged.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@murgatroid99 @rodrigogoncalves @yoshi-automation