Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect check for insecure transport on OAuth1.0 #627

Open
Zaczero opened this issue Feb 17, 2024 · 0 comments
Open

Incorrect check for insecure transport on OAuth1.0 #627

Zaczero opened this issue Feb 17, 2024 · 0 comments
Assignees
@lepture
Labels
bug

Comments

@Zaczero
Copy link

Zaczero commented Feb 17, 2024

Describe the bug

The current implementation of OAuth1Request checks for insecure transport which is incorrect. OAuth 1 is protocol-independent and it does not depend on TLS layer to secure the communication. This check is only necessary during OAuth 2 communication.

Additionally, the error description mentions OAuth 2 which indicates that this class was accidentally copied over from OAuth 2 implementation.

Expected behavior

OAuth1Request does not check for insecure transport and the InsecureTransportError is removed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lepture lepture

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lepture @Zaczero