megalodon sends JSON-encoded payloads to OAuth endpoints #96

Open
aumetra opened this issue Jun 18, 2023 · 2 comments

aumetra commented Jun 18, 2023

When trying to get the access token, Ebou sends a JSON-encoded payload to the /oauth/token endpoint.

While this is fine with Mastodon (since Rails just deserializes based on the Content-Type header), this causes issues with alternative implementations that actually follow the OAuth2 spec closely, which states that all the body contents have to be application/x-www-form-urlencoded.

To cite RFC 6797; Section 4.1.1:

> The client constructs the request URI by adding the following parameters to the query component of the authorization endpoint URI using the "application/x-www-form-urlencoded" format

Looking at the code, there seem to be two solutions to this:

  1. Submit everything to the API as application/x-www-form-urlencoded bodies. This should work fine.
  2. Make a special case for the OAuth endpoints to submit the data as application/x-www-form-urlencoded instead of application/json (this is more effort, not sure if it's worth it)

h3poteto (Owner) commented Jun 19, 2023

> Submit everything to the API as application/x-www-form-urlencoded bodies. This should work fine.

I wonder if other SNS can handle application/x-www-form-urlencoded other than OAuth endpoints. Does this way work fine for other SNS? e.g. Pleroma and Friendica.

> Make a special case for the OAuth endpoints to submit the data as application/x-www-form-urlencoded instead of application/json (this is more effort, not sure if it's worth it)

I prefer this way.

aumetra (Author) commented Jun 19, 2023

Pleroma should be able to handle it IIRC, not sure about Friendica (never used it)
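
The interoperability gap discussed in this thread, as an added example that is not part of the issue or of megalodon's code: the same token request is encoded as JSON and as a form body, then handed to a server that deserializes by Content-Type and to one that accepts only form-encoded bodies. All function names and parameter values are constructed for illustration.

```python
import json
from urllib.parse import urlencode, parse_qs

# Constructed sample values; none of them come from the issue.
TOKEN_PARAMS = {
    "grant_type": "authorization_code",
    "code": "SAMPLE+CODE/with=reserved&chars",
    "redirect_uri": "https://client.example/callback?x=1",
    "client_id": "sample-client-id",
    "client_secret": "sample-client-secret",
}

FORM = "application/x-www-form-urlencoded"


def encode_token_request(params, as_json=False):
    """Return (content_type, body) for a POST to /oauth/token."""
    if as_json:
        return "application/json", json.dumps(params).encode()
    # urlencode percent-encodes reserved characters such as & = + /
    return FORM, urlencode(params).encode()


def _media_type(content_type):
    # Drop parameters such as "; charset=utf-8" before comparing.
    return content_type.split(";", 1)[0].strip().lower()


def lenient_parse(content_type, body):
    """Deserialize by Content-Type, the behaviour the issue attributes to Rails."""
    if _media_type(content_type) == "application/json":
        return json.loads(body)
    return {k: v[0] for k, v in parse_qs(body.decode(), strict_parsing=True).items()}


def strict_parse(content_type, body):
    """Accept only form-encoded bodies, like the stricter servers in the issue."""
    if _media_type(content_type) != FORM:
        # "invalid_request" is the RFC 6749 section 5.2 code for a malformed request.
        return 400, {"error": "invalid_request"}
    fields = parse_qs(body.decode(), keep_blank_values=True)
    if any(len(v) != 1 for v in fields.values()):
        return 400, {"error": "invalid_request"}  # repeated parameter
    params = {k: v[0] for k, v in fields.items()}
    if "grant_type" not in params:
        return 400, {"error": "invalid_request"}
    return 200, params
```
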
