PGObserver
OAuth Authorization Response handling not RFC compliant
The current OAuth2-related code in oauth.py expects a scope parameter to be present in the authorization response. Otherwise it won't identify the authorization response as such.
This is not in accordance with RFC 6749 (Section 4.1.2, Authorization Code Grant - Authorization Response), could lead to trouble in the future, and should be removed.
I'll open a PR.
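The difference the issue describes, as an added example that is not PGObserver's oauth.py and not part of the original report: RFC 6749 Section 4.1.2 defines only `code` and `state` for the authorization response, so detection should key on those. The function names and sample redirect URLs are hypothetical and constructed for illustration, and `scope_based_check` only models the behaviour described above.

```python
import hmac
from urllib.parse import parse_qs, urlsplit

# Constructed sample redirects (not taken from PGObserver or any real deployment).
WITH_SCOPE = "https://client.example/cb?code=SplxlOS3&state=xyz&scope=uid"
WITHOUT_SCOPE = "https://client.example/cb?code=SplxlOS3&state=xyz"
DENIED = "https://client.example/cb?error=access_denied&state=xyz"


def query_params(url):
    """Return the query parameters as {name: [values]}."""
    return parse_qs(urlsplit(url).query)


def scope_based_check(url):
    """Model of the behaviour the issue describes: no 'scope', no match."""
    params = query_params(url)
    return "code" in params and "scope" in params


def classify_redirect(url, expected_state):
    """Classify a redirect per RFC 6749 sections 4.1.2 and 4.1.2.1.

    Returns (kind, value); kind is one of 'code', 'error',
    'state_mismatch', 'malformed' or 'not_oauth'.
    """
    params = query_params(url)
    if "code" not in params and "error" not in params:
        return ("not_oauth", None)
    # Section 3.1: parameters must not be included more than once.
    if any(len(values) != 1 for values in params.values()):
        return ("malformed", None)
    # 'state' must echo the value sent in the authorization request (CSRF binding).
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        return ("state_mismatch", None)
    if "error" in params:
        return ("error", params["error"][0])
    return ("code", params["code"][0])
```

A provider that omits `scope` from the redirect is missed by `scope_based_check` but still classified as a valid response by `classify_redirect`, which also keeps the `state` comparison in the detection path.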