You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm using this gem to perform a 3LO flow with Todoist from my app and I've noticed, that Todoist API fails with an HTTP 500 error during the last step of the exchange. Upon investigation, I have found that the oauth2 gem, used by omniauth internally, is using the basic auth scheme for passing client id and client secret, while the Todoist Auth guide states that those parameters should be passed in the body.
I have found a workaround that makes the setup work, but I think it would make sense to update the gem to work by default:
# in config/initializer/omniauth.rbOmniAuth::Strategies::Todoist.option:client_options,{site: 'https://todoist.com',authorize_url: '/oauth/authorize',token_url: '/oauth/access_token',auth_scheme: :request_body# This is the key change compared to the default behavior}
The text was updated successfully, but these errors were encountered:
I'm using this gem to perform a 3LO flow with Todoist from my app and I've noticed, that Todoist API fails with an HTTP 500 error during the last step of the exchange. Upon investigation, I have found that the
oauth2gem, used byomniauthinternally, is using the basic auth scheme for passing client id and client secret, while the Todoist Auth guide states that those parameters should be passed in the body.I have found a workaround that makes the setup work, but I think it would make sense to update the gem to work by default:
The text was updated successfully, but these errors were encountered: