Announcement Announcement Module
Collapse
No announcement yet.
UnverifiedRequestTokenException Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • UnverifiedRequestTokenException

    Hi,
    I'm trying to impement integration with linkedin and have such problem:
    When user is asked about authorization (linkedin popup), user can press cancel button or close popup or press proteced link 2 times. For second time I've got this Error, thrown by CoreOAuthConsumerSupport, because consumer filter treats request token, saved earlier, as verified, but it is not.
    Maybe I'm wrong but for such situation, filter shouldn't ask for access token, having only unverified request token, it should fire authorizatin proccess again.

    My suggestion is to replace line 129 in OAuthConsumerContextFilter:
    Code:
    if (token == null) { //no token associated with the resource, start the oauth flow.
    to:
    Code:
    if (token == null || request.getParameter(OAuthProviderParameter.oauth_verifier.toString())==null) { //no verified token associated with the resource, start the oauth flow.
    What do you think?
    Last edited by Hunger; Feb 3rd, 2011, 09:26 AM.

  • #2
    Sounds reasonable. Could you open a JIRA issue for this?

    Comment


    • #3
      Done. https://jira.springsource.org/browse/SECOAUTH-41

      Comment

      Working...
      X