[GH-ISSUE #704] Call to /request_token after canceling a request fails with HTTP 401 because oauth_token is already set.

No labels

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/OAuthSwift#455

kerem commented

2026-03-03 16:48:48 +03:00

Owner

Originally created by @mcontin on GitHub (Nov 17, 2022).
Original GitHub issue: https://github.com/OAuthSwift/OAuthSwift/issues/704

Description:

Call to /request_token after canceling a request fails with an HTTP error 401 because credential.oauth_token is already set and is passed to the headers parameters.
I am trying to verify that we can correctly cancel a login attempt to Garmin made with our view controller that implements OAuthWebViewController.
We are canceling the login attempt like this:

var service: OAuthSwift?
private func cancelFlow() {
    service?.cancel()
    dismissWebViewController()
}

But if we try to call service.authorize again, the call fails without opening our custom OAuthWebViewController with a 401 unauthorized error, and the difference is that in the second call the oauth_token parameter is set.

Are we canceling the request the wrong way? Is Garmin supposed to check oauth_token? Is oauth_token supposed to be still set after canceling a request?

OAuth Provider? (Twitter, Github, ..):

Garmin

OAuth Version:

Version 1
Version 2

OS (Please fill the version) :

iOS :
OSX :
TVOS :
WatchOS :

Installation method:

Carthage
CocoaPods
Swift Package Manager
Manually

Library version:

head
v2.2.0
v2.0.0
v1.4.1
other: (Please fill in the version you are using.)

Xcode version:

11.4 (Swift 5.2)
11.x (Swift 5.1)
10.x (Swift 5.0)
other: 14.1 but irrelevant

Originally created by @mcontin on GitHub (Nov 17, 2022). Original GitHub issue: https://github.com/OAuthSwift/OAuthSwift/issues/704 ### Description: Call to `/request_token` after canceling a request fails with an HTTP error 401 because `credential.oauth_token` is already set and is passed to the headers parameters. I am trying to verify that we can correctly cancel a login attempt to Garmin made with our view controller that implements `OAuthWebViewController`. We are canceling the login attempt like this: ```swift var service: OAuthSwift? private func cancelFlow() { service?.cancel() dismissWebViewController() } ``` But if we try to call `service.authorize` again, the call fails without opening our custom `OAuthWebViewController` with a 401 unauthorized error, and the difference is that in the second call the `oauth_token` parameter is set. Are we canceling the request the wrong way? Is Garmin supposed to check `oauth_token`? Is `oauth_token` supposed to be still set after canceling a request? ### OAuth Provider? (Twitter, Github, ..): Garmin ### OAuth Version: - [X] Version 1 - [ ] Version 2 ### OS (Please fill the version) : - [x] iOS : - [ ] OSX : - [ ] TVOS : - [ ] WatchOS : ### Installation method: - [ ] Carthage - [ ] CocoaPods - [X] Swift Package Manager - [ ] Manually ### Library version: - [ ] head - [X] v2.2.0 - [ ] v2.0.0 - [ ] v1.4.1 - [ ] other: (Please fill in the version you are using.) ### Xcode version: - [ ] 11.4 (Swift 5.2) - [ ] 11.x (Swift 5.1) - [ ] 10.x (Swift 5.0) - [X] other: 14.1 but irrelevant

Rows
Columns

[GH-ISSUE #704] Call to /request_token after canceling a request fails with HTTP 401 because oauth_token is already set. #455