You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Withings recently sent out this announcement to their api users:
Important: Deprecating access and refresh tokens endpoints
As part of our continual improvement, we are migrating the OAuth 2.0 endpoints. The deprecated services will continue to operate normally until September 2021. Please review the article below to get more information on the breaking change.
requires a parameter action, with value "requesttoken"
requires parameter grant_type to equal "refresh_token" (not "authorization_code");
and has the response structured differently: the keys of the response are now just body and status, with the former keys, including code, all in an object down below body.
This breaks OAuthSwift. The parameters it sends when getting or renewing an access token are wrong, and so Withings responds with an error. Looking at the source, it's also clear that the new response format would not be correctly parsed.
Handling of the above is all hard-coded in OAuthSwift, with no obvious way to override with e.g. a subclass: while certain functions are open, the functions they themselves call are private, so I can't intercept either the parameter construction or the response parsing. I reviewed #628, and it does not address the problem: non-public methods of OAuth2Swift make replacing the relevant methods not possible.
What should be done here? Is this properly dealt with at the OAuthSwift end or the Withings end? Could there be a strategy for handling this bizarre token-refresh endpoint that I'm not seeing?
I will send Withings a note pointing at this ticket to see if they have anything to contribute.
OAuth Provider:
Withings
OAuth Version:
Version 1
Version 2
OS (Please fill the version) :
iOS : 14.6
OSX :
TVOS :
WatchOS :
Installation method:
Carthage
CocoaPods
Swift Package Manager
Manually
Library version:
head
v2.1.0
v2.0.0
v1.4.1
other: (Please fill in the version you are using.)
Xcode version:
11.4 (Swift 5.2)
11.x (Swift 5.1)
10.x (Swift 5.0)
other: (Please fill in the version you are using.)
objective c
The text was updated successfully, but these errors were encountered:
We are open to code modification if they not break other services
It could be some way to override and some variable to configure for this specific service ( a bool for instance, there is already some, yes because no body was to use same spec 😭 )
Making all public/open could make code less maintenable and have a lot of breaking change. So it depends.
So I prefer new parameter with default value, or configuration var when possible
BJAdeGraaf
added a commit
to BJAdeGraaf/OAuthSwift
that referenced
this issue
Aug 29, 2021
Description:
Withings recently sent out this announcement to their api users:
with more detail here: https://support.withings.com/hc/en-us/articles/360016745358-Deprecating-access-and-refresh-tokens-endpoints
and here: http://developer.withings.com/api-reference#operation/oauth2-refreshaccesstoken
Unfortunately, the new endpoint:
action
, with value "requesttoken"grant_type
to equal "refresh_token" (not "authorization_code");body
andstatus
, with the former keys, includingcode
, all in an object down belowbody
.This breaks OAuthSwift. The parameters it sends when getting or renewing an access token are wrong, and so Withings responds with an error. Looking at the source, it's also clear that the new response format would not be correctly parsed.
Handling of the above is all hard-coded in OAuthSwift, with no obvious way to override with e.g. a subclass: while certain functions are
open
, the functions they themselves call are private, so I can't intercept either the parameter construction or the response parsing. I reviewed #628, and it does not address the problem: non-public methods ofOAuth2Swift
make replacing the relevant methods not possible.What should be done here? Is this properly dealt with at the OAuthSwift end or the Withings end? Could there be a strategy for handling this bizarre token-refresh endpoint that I'm not seeing?
I will send Withings a note pointing at this ticket to see if they have anything to contribute.
OAuth Provider:
Withings
OAuth Version:
OS (Please fill the version) :
Installation method:
Library version:
Xcode version:
11.4 (Swift 5.2)
11.x (Swift 5.1)
10.x (Swift 5.0)
other: (Please fill in the version you are using.)
objective c
The text was updated successfully, but these errors were encountered: