You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@shindig.apache.org by "Arne Roomann-Kurrik (JIRA)" <ji...@apache.org> on 2009/10/23 01:19:59 UTC
[jira] Updated: (SHINDIG-1206) PHP OAuth proxy generates invalid
urls when signing via URL
[ https://issues.apache.org/jira/browse/SHINDIG-1206?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Arne Roomann-Kurrik updated SHINDIG-1206:
-----------------------------------------
Attachment: issue139042_1_2.diff
Code review: http://codereview.appspot.com/139042/show
> PHP OAuth proxy generates invalid urls when signing via URL
> -----------------------------------------------------------
>
> Key: SHINDIG-1206
> URL: https://issues.apache.org/jira/browse/SHINDIG-1206
> Project: Shindig
> Issue Type: Bug
> Components: PHP
> Reporter: Arne Roomann-Kurrik
> Priority: Minor
> Attachments: issue139042_1_2.diff
>
>
> For a gadget with an OAuth block like:
> <OAuth>
> <Service name="partuza">
> <Request url="http://www.partuza.nl/oauth/request_token" param_location="uri-query" />
> <Access url="http://www.partuza.nl/oauth/access_token" param_location="uri-query" />
> <Authorization url="http://www.partuza.nl/oauth/authorize" />
> </Service>
> </OAuth>
> The OAuth parameters should be stuffed into the request URL (as opposed to the authorization header) for the request and access requests. However, PHP Shindig's OAuthFetcher calls OAuthUtil::addParameter (which as far as I can tell is a custom function, since it is only used by OAuthFetcher) which actually decodes the parameters (as opposed to url encoding them), causing an invalid signature error.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.