Comments (6)
Unfortunately, arbitrary error responses aren't supported by the library. The spec is pretty clear about the error response format: https://tools.ietf.org/html/rfc6749#section-5.2. The extensibility in the library allows for additional error codes (as mentioned in https://tools.ietf.org/html/rfc6749#section-11.4), but not an entirely different serialization format.
If you're not in a position to be able to change the server error response format, my recommendation is to manually parse the contents returned in RequestTokenError::Parse
, which should let you read the error response in an arbitrary format. One enhancement to facilitate this would be to include the HTTP response code in RequestTokenError::Parse
, but that would be a breaking change that would need to wait for a 3.x version bump.
from oauth2-rs.
I can understand hesitancy to change things if it would require a 3.x bump, I thought things could still be changed because 2.0 hasn't actually been released yet.
It is a bummer that interfacing with a non-standards-compliant external provider is so complicated, but I'm powerless to change things on there side. There is an asymmetry in that the library arbitrary control over parsing of successful responses, but does not allow the same control for error handling.
I have implemented error handling in my app, but it's actually quite complicated, and was surprised that it was necessary for the error case, when it was not necessary for the success case, and I expected the two generic parameters to Client to work the same.
If things can be changed, and a pull request would be welcomed, I would more than happy to take a crack at it. It seems like ErrorResponse could be the trait, and the parameterization could be isolated to the BasicErrorResponse. I could also be misunderstanding how complicated of a change this would be.
It's also not the end of the world as a work around was possible, and I understand wanting to constrain scope.
Thanks again for the library!
from oauth2-rs.
You raise an excellent point about the asymmetry between the successful response parsing and the error response parsing. #52 described a similar non-compliant situation, and I made TokenResponse
a trait to support that use case. I agree it would make sense to do the same here, for consistency. Unfortunately, that would also be a breaking change, and the API was officially stabilized in https://github.com/ramosbugs/oauth2-rs/releases/tag/2.0.0-beta.1 since no new issues had come in for quite a while during the alpha period.
That said, I'm not opposed to creating a 2.x maintenance branch and bumping the version on master to 3.x in order to accept a PR to do this.
from oauth2-rs.
Awesome! I'll take a crack at it!
from oauth2-rs.
I just looked at the semantic versioning spec, and it says:
A pre-release version indicates that the version is unstable and might not satisfy
the intended compatibility requirements as denoted by its associated normal version.
My interpretation of that is that another major bump is not necessary.
from oauth2-rs.
#60 merged :)
from oauth2-rs.
Related Issues (20)
- Axum example HOT 2
- Is there a reason so many interfaces accept `String` instead of `&str`? HOT 6
- How to add two scopes to google oauth 2 HOT 1
- what is the appropriate way. to add two scopes to google OAuth
- Support using an existing reqwest::Client when making requests HOT 3
- Why not using Response and Request of http::crate directly instead of aliasing it to HttpResponse and HttpRequest? It causes mismatch type error HOT 10
- Future is not Send HOT 5
- version 4.4.2 doesn't work with Google provided token server HOT 1
- (Beta version) : reference to client causes error with axum HOT 10
- Reason of using Fn() instead of FnOnce for AsyncHttpClient and SyncHttpClient HOT 7
- DPoP support HOT 1
- Receiving a JWT token from keycloak server possible? HOT 1
- wasm32 target without `getrandom/js` feature HOT 5
- `StandardTokenResponse` does not support twitch oauth response HOT 2
- Implement SecretType::into_secret HOT 2
- RequestTokenError should include the inner error when displayed as string HOT 5
- Add support for RFC 9068 HOT 4
- Q: Error SSL certificate
- Inconsistent `IssuerUrl` construction HOT 4
- [5.00.alpha4] device code workflow expects interval to be returned from server HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth2-rs.