Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add alsoIntercept400 #270

Closed
wants to merge 1 commit into from

Conversation

salexkidd
Copy link

Hi. I'm p2/oauth2 user for Dropbox API with Implicit grant flow.

I got a problem in OAuth2DataLoader class. But this is not p2/oauth2 fault.
Usually, dropbox have to return 401 or 403, Dropbox was return HTTP 400 (Bad request) in first time access.

No AccessToken in first time

To access Dropbox 400 must be treated as 401...

Please check it. Thx!

@p2
Copy link
Owner

p2 commented Jun 21, 2018

That's a very specific error and I don't believe should be caught by intercepting any 400 error. You have to make sure you authorize first if you don't have a token.

@salexkidd
Copy link
Author

Dear P2

That's a very specific error and I don't believe should be caught by intercepting any 400 error.

I think so too. But, it's before authentication GET (First time access).

You have to make sure you authorize first if you don't have a token.

Normally, dropbox should return 401, and P2/OAuth2 going to Authentication flow.

But, Dropbox return 400.

Please try to Dropbox Implicit flow grant with P2/OAuth2 if you have spare time.

Thx.

@salexkidd
Copy link
Author

I found one peaky solution.
Add fake bearer token to Header before Authorization.

    func postRequest(path: String, callback: @escaping ((OAuth2JSON?, Error?) -> Void))
    {
        let url = baseURL.appendingPathComponent(path)
        var req = oauth2.request(forURL: url)
        req.httpMethod = "POST"
        req.addValue("application/json", forHTTPHeaderField: "Content-Type")

        if req.value(forHTTPHeaderField: "Authorization") == nil {
            req.setValue("Bearer 000000000000000000000000000000000000000000000000000000000000000_", forHTTPHeaderField: "Authorization")
        }
        ...

It is worked for me. But this is not beautiful solution... 😩

@p2
Copy link
Owner

p2 commented Jun 21, 2018

This is an annoying behavior by the API indeed. What I fear is that if indeed there is a problem with the request, a "true" 400, if you set this flag you'll just be prompted to authorize again.

Ok, can you change indentation from spaces to tabs and add to the comment to use this setting only when absolutely necessary?

@salexkidd
Copy link
Author

Dear p2.

Thx for replying!

What I fear is that if indeed there is a problem with the request, a "true" 400, if you set this flag
you'll just be prompted to authorize again.

I think so too. I am worrying about this. Maybe i mess up the p2/oauth2 and causes trouble in other user.

Perhaps it would be better to use way of my fake Authorization header for all p2/oauth2 user.

If you ok, could you add this way to readme and example OAuth2App

Thx!

P.S
I want to send PR to OAuth2App and readme, but my english is so poor 😣 (Using Google Translation now)

@p2
Copy link
Owner

p2 commented Jun 26, 2018

Done, thank you!!

https://github.com/p2/OAuth2/wiki/Dropbox

@p2 p2 closed this Jun 26, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants