I’ve been working on developing a OAuth2 provider for quite a bit and I’m using DotNetOpenAuth, and I thought I had everything working, but I forgot to see what would happen if I deny access to a third party app. Well, it seems there’s is something malfunctioning with the library, since it throws an error which I don’t understand.
I based my developing on the dotnetopenauth ctp samples, theres is a oauth provider implementation, and tried to deny access to an app on the sample and the same thing happens.
The error is: The following required parameters were missing from the DotNetOpenAuth.OAuth2.Messages.EndUserAuthorizationFailedResponse message: error
The stack trace: http://pastebin.com/U95NTVxe.
So:
- the app request for authorization
- then I log on the user who needs to grant authorization
- then the auth server asks the user if he’s willing to grant the app access to his resources
- when the user clicks no, this error happens
Thnak you un advance.
Error handling in the OAuth 2 spec has not been very stable (the spec itself is unfinished). So the DotNetOpenAuth OAuth 2.0 CTPs do not have error handling (or denial of authorization) fully implemented. When the spec is finalized, you can expect this scenario to be finished.