This repository has been archived by the owner on Dec 5, 2022. It is now read-only.
OAuth Authorization Response handling not RFC compliant #101
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The current OAuth2-related code in
oauth.pyexpects a scope parameter to be present in the authorization response. Otherwise it won't identify the authorization response as such.This is not in accordance with RFC6749 (Section 4.1.2, Authorization Code Grant - Authorization Response), could lead to trouble in future and should be removed.
I'll open a PR.
The text was updated successfully, but these errors were encountered: