Goodreads Developers discussion

57 views

questions > Access token contains random-length comment

Comments Showing 1-3 of 3 (3 new) post a comment »

date

newest »

message 1: by John (last edited Nov 02, 2014 02:06PM) (new)

Nov 02, 2014 02:05PM

When my app requests an access token from /oauth/access_token, it receives a two-line string containing both the token followed by a comment filled with random characters. When I subsequently try to use this string for authentication, it fails. The returned token looks like this:

usableaccesstoken


This sort of thing is usually done when a server thinks it's coming under attack. So does the Goodreads API think my app is a security risk? I'm merely going through the standard OAuth workflow. Of course I can strip the random characters off the access token string, but I'd rather not.

Any ideas? Thanks.

reply | flag

message 2: by Jeff (last edited Nov 05, 2014 03:23PM) (new)

Nov 05, 2014 02:16PM

Mod

Our API isn't suspecting that your app is a security risk. This is a bug on our end because the random padding is only supposed to go on HTML responses, not XML. Thanks for bringing it to our attention and we'll look into fixing it.

However, the token still works, correct? Are you able to perform POSTs with it?

reply | flag

message 3: by John (new)

Nov 14, 2014 07:15AM

Everything seems to be working normally now. Thanks.

reply | flag