8

I'm new to OAuth, I'm using the oauth2 library on Python to get my work done.

Currently when I receive a callback from the server, the parameters come in the URL as:

http://mydomain/?oauth_verifier=(SOME_DATA)&oauth_token=(SOME_DATA)&oauth_callback_confirmed=true

I'm wondering if it's possible to instruct the server to somehow POST those parameters (oauth_verifier, oauth_token, oauth_callback_confirmed) to me as a callback and not show them in the URL (as a GET request)?

Thank you!

Improve this question

1 Answer 1

Reset to default
13

No, it is not possible to encode the callback parameters as a POST request. The OAuth 1.0 Spec says that the provider issues an HTTP Redirect to the callback URL:

If the Consumer provided a callback URL in oauth_callback (as described in Consumer Directs the User to the Service Provider), the Service Provider constructs an HTTP GET request URL, and redirects the User’s web browser to that URL with the following parameters:

Since an HTTP Redirect can only be a GET, not a POST, your callback can only contain the parameters in the URL.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.