New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to catch degenerate credentials? #250

Closed
jennybc opened this Issue Jun 19, 2015 · 2 comments

Comments

Projects
None yet
2 participants
@jennybc
Member

jennybc commented Jun 19, 2015

What is the recommended way to catch a valid Token2.0 object that nonetheless holds invalid credentials?

Run this bit of the Google demo:

> library(httr)
> myapp <- oauth_app("google",
+ key = "16795585089.apps.googleusercontent.com",
+ secret = "hlJNgK73GjUXILBQvyvOyurl")
> google_token <-
+ oauth2.0_token(oauth_endpoints("google"), myapp,
+ scope = "https://www.googleapis.com/auth/userinfo.profile",
+ cache = TRUE)
Waiting for authentication in browser...
Press Esc/Ctrl + C to abort
Authentication complete.

BUT, in the browser, click "Cancel" instead of "Accept". The resulting token is technically valid in this sense:

> inherits(google_token, "Token2.0")
[1] TRUE

but there's a problem with the credentials:

> google_token$credentials
$error
[1] "invalid_request"

$error_description
[1] "Missing required parameter: code"

This token is still successfully cached in .httr-oauth. You can restart R, repeat the call to oauth2.0_token(…), and get the same technically valid but degenerate token back.

How should I catch this broken state and start OAuth afresh? Right now I'm doing something like this: if("error" %in% names(google_token$credentials)) {…}. I guess I could write a wrapper that checks inherits(…, "Token2.0") and this name thing before considering the token to be valid. Or is there a better way to check for a valid Token2.0 object and credentials that are at least plausible?

@hadley

This comment has been minimized.

Member

hadley commented Jun 19, 2015

You should file a bug so that invalid tokens don't get cached ;)

@hadley

This comment has been minimized.

Member

hadley commented Dec 17, 2015

Fixed in 21f6d57

@hadley hadley closed this Dec 17, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment