Brightspace / sample-LTI-WHMIS-quiz

A simple LTI quiz
Apache License 2.0

OAuth signature verification not handling + characters #2

Open ViktorHaag opened 8 years ago

ViktorHaag commented 8 years ago

note: dupe of https://github.com/Brightspace/sample-CourseBuilder-RemotePlugin/issues/1

At (https://github.com/Brightspace/sample-LTI-WHMIS-quiz/blob/master/OAuth1p0.php#L70) in CheckSignatureForFormUrlEncoded():

    $oauthParameters[urldecode( $key )] = urldecode( $value );

Urldecode() converts a + in $value to whitespace, which is then rawurlencode'd as %20 later on, instead of %2B (rawurlencode() does not decode plus symbols into spaces, urldecode() does). Since we use rawurlencode() later on, perhaps we should use it here as well, instead of urldecode().

ViktorHaag commented 8 years ago

Follow up note from Jordan (OP on this issue):

A side-note though: urldecode also exists on Line 73 and Line 106. I needed to change line 73 to get my localhost whmis quiz to work (line 73 was the actual problem in this case - sorry about that). Line 106 is for query parameters, so that hasn’t caused problems, but has potential to.
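An added example (not code from this repository) showing the effect described in this issue: a value holding a literal `+` is decoded with `urldecode()` and with `rawurldecode()`, and an RFC 5849 HMAC-SHA1 signature is recomputed over each result. The secret, URL, parameter values and the helper names `signParams` and `decodeParams` are constructed for illustration, and the example assumes the values already contain a literal `+` when they reach the decode step.

```php
<?php
// Constructed sample data: secret, URL and parameter values are illustrative only.
const CONSUMER_SECRET = 'constructed-secret';
const LAUNCH_URL = 'https://tool.example/launch.php';

// HMAC-SHA1 over the RFC 5849 signature base string (no token secret).
function signParams(array $params): string
{
    $pairs = [];
    foreach ($params as $name => $value) {
        $pairs[rawurlencode($name)] = rawurlencode($value);
    }
    ksort($pairs, SORT_STRING); // names are unique here, so sorting by name is enough
    $normalized = [];
    foreach ($pairs as $name => $value) {
        $normalized[] = $name . '=' . $value;
    }
    $base = 'POST&' . rawurlencode(LAUNCH_URL) . '&' . rawurlencode(implode('&', $normalized));
    $key = rawurlencode(CONSUMER_SECRET) . '&';
    return base64_encode(hash_hmac('sha1', $base, $key, true));
}

// Decode every name and value with the given decoder (urldecode or rawurldecode).
function decodeParams(array $pairs, callable $decoder): array
{
    $out = [];
    foreach ($pairs as $name => $value) {
        $out[$decoder($name)] = $decoder($value);
    }
    return $out;
}

// Values as the sender signed them; the nonce contains literal plus signs.
$signed = [
    'oauth_consumer_key' => 'constructed-key',
    'oauth_nonce' => 'AbC+dEf+123',
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_timestamp' => '1400000000',
    'oauth_version' => '1.0',
];
$expected = signParams($signed);

foreach (['urldecode', 'rawurldecode'] as $decoder) {
    $decoded = decodeParams($signed, $decoder);
    $match = hash_equals($expected, signParams($decoded)) ? 'matches' : 'MISMATCH';
    $nonce = $decoded['oauth_nonce'];
    printf("%-12s nonce=%s re-encoded=%s signature %s\n",
        $decoder, var_export($nonce, true), rawurlencode($nonce), $match);
}
```

The comparison uses `hash_equals()` so the signature check itself runs in constant time.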