question

dbaskin avatar image
dbaskin asked twinmind answered

OAuth Flow does not pass state variable back the first time

In reference to this previously asked question: https://community.clover.com/questions/16135/oauth-flow-state-variable-not-passed-back-with-tok.html


Could this be reopened and treated as a bug? This seems like a bug in Clover's implementation of the OAuth protocol. Is there some technical reason why the user must go through 2 separate flows to install the app and then separately do OAuth instead of being able to do both together? All that is missing is passing the state variable back to the caller.

OAuth
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
twinmind avatar image
twinmind answered

I agree, this is not how oauth should work, state parameter should get preserved during app connect phase. It shouldn't get lost.

10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community