Created
March 24, 2016 22:51
-
-
Save diwakergupta/5ffb1e99c113489e2685 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// providerAuthHeaderWorks reports whether the OAuth2 server identified by the tokenURL | |
// implements the OAuth2 spec correctly | |
// See https://code.google.com/p/goauth2/issues/detail?id=31 for background. | |
// In summary: | |
// - Reddit only accepts client secret in the Authorization header | |
// - Dropbox accepts either it in URL param or Auth header, but not both. | |
// - Google only accepts URL param (not spec compliant?), not Auth header | |
// - Stripe only accepts client secret in Auth header with Bearer method, not Basic | |
func providerAuthHeaderWorks(tokenURL string) bool { |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment