I decided it might be fun to try to follow Diaspora’s API docs, and try to register a very basic application using the Postman app.
So, I’ve started with the Authentication instructions, and have started sending a POST request for the Client Registration step. However, I’m not sure I’m sending the request properly, and I’m a little lost on how to progress.
Here’s what I’m sending:
POST 0.0.0.0:3000/api/openid_connect/clients?client_name=Postman&redirect_uris=http://example.com/
What I end up getting is a NoMethodError, with the output:
Hmm, weirdly this seemed to work fine using curl: curl http://localhost:3000/api/openid_connect/clients -d "redirect_uris[]=http://localhost:3000/&client_name=Postman"
Please note that our API works by POSTing JSON payloads, not by mapping the JSON to query parameters. Neither our spec, nor OpenIDs spec, allow for the use of query parameters, and the fact that this works at all is a side-effect of the way Rails deserializes incoming JSON.
Do not rely on that, because I can guarantee you it will randomly break one day, and that will cause you a lot of grief.
Instead of trying to build and maintain a library for OpenID, I strongly suggest that everyone uses libraries that already exist and that are maintained. There is way too much room to get things wrong here.
The stated goal of diaspora_client_example is to provide a demo that might useful for folks like me who were starting with no knowledge of OAuth or OpenID and just needed a simple example of how all the pieces fit together. So for anyone reading this - don’t use diaspora_client_example in production code, please!