Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Appearance settings
This repository was archived by the owner on Sep 8, 2021. It is now read-only.

Commit 6ed3a90

Browse filesBrowse files
Merge pull request livecode#7381 from bwmilby/bwm-22557-oauth2
[Bug 22557] OAuth2 - Prevent double URL encoding of authentication code
2 parents 2aba9b8 + e08236c commit 6ed3a90
Copy full SHA for 6ed3a90

File tree

Expand file treeCollapse file tree

2 files changed

+3
-1
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+3
-1
lines changed
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
# [22557] Prevent double URL encoding of authentication code

‎extensions/script-libraries/oauth2/oauth2.livecodescript

Copy file name to clipboardExpand all lines: extensions/script-libraries/oauth2/oauth2.livecodescript
+2-1Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -238,13 +238,14 @@ command OAuth2 pAuthURL, pTokenURL, pClientID, pClientSecret, pScopes, pPort, pP
238238

239239
local tResult
240240
put the dialogData into tResult
241+
-- all keys/values in tResult are already URL encoded
241242

242243
if tResult["code"] is not empty then
243244
local tParams
244245
put "grant_type=authorization_code" into tParams
245246
put "&client_id=" & urlEncode(pClientID) after tParams
246247
put "&client_secret=" & urlEncode(pClientSecret) after tParams
247-
put "&code=" & urlEncode(tResult["code"]) after tParams
248+
put "&code=" & tResult["code"] after tParams
248249
put "&redirect_uri=" & urlEncode(kRedirectURL & ":" & pPort & "/") after tParams
249250

250251
local tResponse

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.