Вопрос
We have a multi-tenant application (AccountingSuite.com) and we want to have a Connect to Dwolla button in the application.
The button will open:
https://www.dwolla.com/oauth/v2/authenticate?client_id={client_id}&response_type=code&redirect_uri={redirect_uri}&scope={scope}&state={instance_id}
notice there is the state parameter at the end identifying an instance in our multi-tenant app. After a successful authentication the response URI needs to contain the state parameter, otherwise it's impossible for us to find out which instance sent a connect request. Currently the state parameter is stripped in the return.
This is a pretty standard OAuth flow (see, for example Stripe).
Please let me what I don't do right, or pass through the state parameter in the OAuth flow.
Решение
While Dwolla doesn't support a state parameter, as an alternative, you can specify the state parameter as a querystring variable in the return_uri.
For example, if you used this return URI:
https://stackoverflow.com/questions/18602548
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianhttp://www.example.com/somepage?state=foobar
After granting permissions to your application on Dwolla, the user will be redirected to your application via:
http://www.example.com/somepage?state=foobar&code={OAuth Verification Code}
