javascript - Should I use camelCase for oauth2?

Question

So i'm trying to implement an oauth2 server in nestjs and i've been reading the specification [RFC 6749]
In the spec, all the query parameter names and even json response use snake_case like.

access_token
refresh_token
client_id
client_secret
redirect_uri
expires_in

The problem is, all the rest of my codebase use camelCase and using snake_case for a bunch of oauth related classes would make these inconsistent with rest of the code base.

So, should I change all oauth parameters to camelCase or would that be considered "Not conforming to specification".

Answer 1

The parameters are required to be spelled exactly as defined in the specification, you can't arbitrarily rename them and still be conforming to the specification.

accessToken is a completely different parameter than access_token, and any client implementing the specification will expect you to use the correct name, access_token, as defined in the spec. Serving up a parameter called accessToken is no different than serving up a parameter called foobar, as far as clients are concerned.