oauth_callback can't be URL encoded when passing with GET
arbel03 opened this issue · comments
Hi!
I am implementing my own OAuth1 handler and when trying to pass the oauth_callback I received a "URL Callback invalid" error multiple times,
when I changed my code of getting the query string that should look like this:
oauth_callback=...&oauth_consumer_key=...&oauth_nonce=...&oauth_signature=...&oauth_signature_method=HMAC-SHA1&oauth_timestamp=...&oauth_version=1.0
With the parameters URL encoded to this:
return getOAuthString(seperator: "&", format: { (key, value) -> String in
//oauth_callback shouldn't be url encoded.
final_value = key == "oauth_callback" ? value : value.urlEncoded()
return "\(key)=\(final_value)"
})
It suddenly worked.
a URL decode would help there a lot 👍 . Thanks!
See this old pull request #92
Basically, the oauth_callback url gets double encoded.
Our current workaround is to double encode this param as well... to make the handshake work.
In JS (our params object):
const params = this.toRfc3986(`oauth_callback=${this.toRfc3986(callbackUrl)}&oauth_consumer_key=${key}&oauth_nonce=${nonce}&oauth_signature_method=${sigMet}&oauth_timestamp=${ts}&oauth_version=${ver}`);
Seeing as that pull request is from 2015, not sure it's on anyone's todolist.