OAuth Reponse URL not encoded

As per https://docs.clover.com/clover-platform/docs/using-oauth-20, we have implemented step 1, Request merchant authorization, for which we send our state value, which is URL encoded (i.e. { gets encoded to %7B) as per RFC guidelines, e.g. state=%7B%22user_id%22:%22abc%22,%22status%22:%22ok%22%7D

Once the merchant authorisation takes place, the response from clover (https://sandbox.dev.clover.com) does not appear to be fully encoded, below is what we receive:

state={%22user_id%22:%22abc%22,%22status%22:%22ok%22}. Our Tomcat server throws an error:

Due to this error, we are unable to proceed with accepting and storing the token received. Is there a way to fix this from the Clover side? I believe we can "relax" our Tomcat server, but then, we wouldn't be adhering to RFC.

Has anyone encountered this before, and if so, how did you get around this?

10 |2000

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

David Marginian ♦♦ commented · Jun 11, 2020 at 12:23 PM

I know our docs say "any" string can be used for state, but, I would suggest using a non JSON string to avoid this issue.

0 ·

vind6 David Marginian ♦♦ commented · Jun 11, 2020 at 12:41 PM

But, we have other systems that we integrate with, in a standard manner, which supports this just fine. And we are adhering to RFC.

0 ·

David Marginian ♦♦ vind6 commented · Jun 11, 2020 at 12:52 PM

Understood, and I have created an issue on our end, however, I cannot tell you when that issue will be addressed.

0 ·

Show more comments

question