I'm implementing OAuth 1.0a with the OAuthorize library. I'm following the example provided by the library.
I'm hosting my app at Heroku. Using the test client I'm able to GET a request token, and use it to /dialog/authorize:
Hi Bob Smith!
Samplr is requesting access to your account.
Do you approve?
When I press Allow, I get a Cannot POST /dialog/authorize/decision.
I've registered the endpoint in app.js:
app.post('/dialog/authorize/decision', oauth.userDecision);
Either I am missing something silly from the OAuthorize example or there is a fault in the way I'm handling the transaction.
dialog.ejs:
<form action="/dialog/authorize/decision" method="post">
<input name="transaction_id" type="hidden" value="<%= transactionID %>">
<div>
<input type="submit" value="Allow" id="allow">
<input type="submit" value="Deny" name="cancel" id="deny">
</div>
</form>
For me, the issue was that I didn't provide a proper callbackURL in server.userAuthorization callback.
see https://github.com/jaredhanson/oauthorize/blob/master/examples/express2/db/accessTokens.js#L10 and https://github.com/jaredhanson/oauthorize/blob/master/examples/express2/oauth.js#L152