Comments (3)
stephaniewilkinson
commented on July 19, 2024
Hi! I'm following you over here from goodreads. When you give goodreads the callback URI, it appends ?oauth_token=token&authorize=1 to the end of the URI.
Can you get the other params out of your callback?
If not, then you could save the params from your google script as a variable and append it. You could redirect from the callback url to another URL with the params appended.
Here's how I did it in my app, FWIW (although I wasn't working with two sets of params): https://github.com/stephaniewilkinson/bookmooch/blob/master/app.rb#L36
from apps-script-oauth1.
erickoledadevrel
commented on July 19, 2024
Unfortunately it seems like the Goodreads API isn't following the OAuth 1.0 specification. As per their documentation:
The oauth_callback param value must not contain any query string params.
However, the official OAuth 1.0 specification says:
The callback URL MAY include Consumer provided query parameters. The Service Provider MUST retain them unmodified and append the oauth_token parameter to the existing query.
Apps Script requires a state parameter in the /usercallback URL in order to run. The library is passing this parameter, but Goodreads is blindly appending it's parameters instead of adding them on with ampersands as required by spec.
from apps-script-oauth1.
erickoledadevrel
commented on July 19, 2024
I've been able to work around this bug in their implementation by using the web app URL instead of the normal callback URL, since the web app URL doesn't require any state parameters. I've published a sample that shows how to do this.
from apps-script-oauth1.
Related Issues (20)
- QuickBooks error when querying with = HOT 1
- Modify Callback Function? HOT 2
- Not working anymore? HOT 1
- Lack of RSA-SHA1 support HOT 3
- Support for "2-legged" OAuth v1.0a? HOT 6
- Support for Standalone Google Apps Script Projects HOT 1
- Etsy OAuth 1.0 issues HOT 9
- OAUTH Token undefined HOT 2
- OAuth1a without TokenUrl HOT 5
- Can I pass Basic Auth of request url ? HOT 4
- Unknown or previously rejected token HOT 1
- XeroPrivate.gs needs PLAINTEXT oauth signature method but RSA-SHA1 encoded consumer secret HOT 1
- Upgrade to the latest version of the OAuth signer library
- Implement fetchAll
- OAuth1 not working in Chrome V8 Engine HOT 1
- Trello Invalid Signature HOT 1
- Security: OAuth Client ID and Secret are accessible to any user of an Apps Script in almost all samples HOT 1
- [SyncRepoSettings bot] - Invalid config file
- .
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from apps-script-oauth1.