Learn More
Resend Email
8
Best shameless hack/workaround story?
Week 19 Group Rant
lig1
8y

Wanna know about hacks? I'll tell you. There is a peace of software called SugarCRM. It has OAuth2 provider implementation. I was assigned to write OAuth2 consumer for it.
It turned out they just failed to make it right.
The list of hacks:
* Hack on standard Authentication header. They use custom.
* Hack on "scope". They send null which is standard violation. So it is replaced to empty string before response processing starts.
* This is my favorite. Refresh token simply doesn't work. So we need to store user's credentials in memory to be able to reauthenticate user transparently.

undefined

wk19

oauth

sugarcrm
Favorite
Ranter
Comments
  • 1
    8y
    Gross
  • 2
    8y
    @superi0r well it usually fine in Python. Especially when Python's oauthlib used on the other side. Some developers actually can implement the standard after reading it.
Related Rants
devRant © 2021 Hexical Labs LLC
Privacy Policy  |  Terms of Service
Add Comment