Hi Godwin/ Tharindu, Thank you for the explanation.
Regards, Isuru *Thanks and Best Regards,* *Isuru Uyanage* *Software Engineer - QA | WSO2* *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ <https://www.linkedin.com/in/isuru-uyanage/>* On Wed, Dec 20, 2017 at 10:39 PM, Tharindu Edirisinghe <[email protected]> wrote: > OAuth spec's section [1] doesn't mention the rules on how to generate the > client ID and secret values. What it says is the values should be URL > encoded. In that case, if it has spaces, those would be converted to %20 > and replaced the spaces, which should be OK. > > So, IMO it's totally up to the developers of the OAuth authorization > servers to decide the format of the client ID and secret. May be that's why > different OAuth providers support/doesn't support the spaces. > > [1] https://tools.ietf.org/html/rfc6749#section-2.3.1 > > On Wed, Dec 20, 2017 at 11:49 AM, Godwin Shrimal <[email protected]> wrote: > >> Hi Isuru, >> >> AFAIK we don't want to allow spaces for ClientID and Secret since OAuth >> ClientID and Secret cannot have spaces. @Fara: Please confirm. >> >> Thanks >> Godwin >> >> >> On Wed, Dec 20, 2017 at 8:29 PM, Isuru Uyanage <[email protected]> wrote: >> >>> Hi All, >>> >>> When configuring external IDPs through connectors, we have client secret >>> and client ID. Some connectors like Facebook, Pinterest allows space >>> character in the client ID and service provider login is successful. >>> >>> Basecamp, Google, LinkedIn, MailChimp and etc connectors do not allow >>> spaces in the Client ID nor did in the Client Secret. >>> >>> Amazon does not allow spaces in the Client ID but it allows spaces in >>> the Client Secret. >>> >>> I want to clarify how it really should be. Shouldn't any of connectors >>> allow the space in the Client ID and Client secret? >>> >>> Any feedback would be appreciated. >>> >>> >>> *Thanks and Best Regards,* >>> >>> *Isuru Uyanage* >>> *Software Engineer - QA | WSO2* >>> *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* >>> *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ >>> <https://www.linkedin.com/in/isuru-uyanage/>* >>> >>> >>> >>> >> >> >> -- >> *Godwin Amila Shrimal* >> Associate Technical Lead >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> >> mobile: *+94772264165* >> linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/ >> <https://www.linkedin.com/in/godwin-amila-2ba26844/>* >> twitter: https://twitter.com/godwinamila >> <http://wso2.com/signature> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > > Tharindu Edirisinghe > Senior Software Engineer | WSO2 Inc > Platform Security Team > Blog : http://tharindue.blogspot.com > mobile : +94 775181586 <+94%2077%20518%201586> >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
