[Seaside] Oauth without callbacks question

Sven Van Caekenberghe sven at stfx.eu
Tue Apr 29 22:39:58 UTC 2014


On 29 Apr 2014, at 22:46, Mariano Martinez Peck <marianopeck at gmail.com> wrote:

> Hi guys,
> 
> I am trying to use OAuth (as a client) to a OAuth server in which the callbacks are a bit messy. So for the moment, assume I cannot specify a callback. So the only option I have right now (this is a prototype anyway) is to copy and paste the "verifier" so that I can later get the access token. I am basing my code in Sven's great Seaside demo.

It is actually Jan van de Sandt's code, he's the guru - I would hope that he can help because this is quite complex and hard to follow. It does of course not help that you seem to be trying to talk to a non-public OAuth service that acts a bit weird.

> However, and here is the problem, he does this to go to the authentication page:
> 
> 	
> 	self requestContext
> 		redirectTo: (self oauthService loginUrlFor: requestToken) ; 
> 		respond.
> 
> What happens here in my app, is that the browser redirects of course to the OAuth authorization server where I finally can see the verifier code. But...say I have to enter this code in my app...there is no way (as far as I understand) to map it to the (previously stored somewhere) request token. So I don't know which request token to use.
> 
> So I think the only option is that the above redirect in fact opens another tab in the browser and that my seaside apps holds into the current request token. Somehow, I would like seaside to then ask for a verification code or something...
> 
> Is that possible? Any idea how can achieve that?
> 
> Thanks in advance, 
> 
> -- 
> Mariano
> http://marianopeck.wordpress.com
> _______________________________________________
> seaside mailing list
> seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside



More information about the seaside mailing list