You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@shindig.apache.org by bh...@apache.org on 2010/09/01 10:21:03 UTC

svn commit: r991462 - /shindig/trunk/php/external/OAuth/OAuth.php

Author: bhofmann
Date: Wed Sep  1 08:21:03 2010
New Revision: 991462

URL: http://svn.apache.org/viewvc?rev=991462&view=rev
Log:
Added fix to PHP OAuth library to not include empty parameters into the oauth_signature, because we omit these empty parameters when performing signed requests

Modified:
    shindig/trunk/php/external/OAuth/OAuth.php

Modified: shindig/trunk/php/external/OAuth/OAuth.php
URL: http://svn.apache.org/viewvc/shindig/trunk/php/external/OAuth/OAuth.php?rev=991462&r1=991461&r2=991462&view=diff
==============================================================================
--- shindig/trunk/php/external/OAuth/OAuth.php (original)
+++ shindig/trunk/php/external/OAuth/OAuth.php Wed Sep  1 08:21:03 2010
@@ -820,6 +820,13 @@ class OAuthUtil {
       $parameter = OAuthUtil::urldecode_rfc3986($split[0]);
       $value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : '';
 
+      // if we received an empty parameter (can happen with sth like "...php?&key=v..."
+      // which we do not send with our signedrequests, we omit it from the signature
+      // as well
+      if (! $parameter) {
+          continue;
+      }
+
       if (isset($parsed_parameters[$parameter])) {
         // We have already recieved parameter(s) with this name, so add to the list
         // of parameters with this name