JBesaw29 / oauth-signpost

Automatically exported from code.google.com/p/oauth-signpost
0 stars 0 forks source link

Signing fails when multiple parameters with the same key are used #67

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
In which environment did the problem appear?

java version "1.6.0_17"
Java(TM) SE Runtime Environment (build 1.6.0_17-b04-248)
Java HotSpot(TM) 64-Bit Server VM (build 14.3-b01-101, mixed mode)

What steps will reproduce the problem?

Sign a request for a URL that contains the same query parameter twice:

  URLConnection conn = new URL("http://api.linkedin.com/v1/people/~/mailbox?folder=inbox&message-type=message-connections&message-type=invitation-request").openConnection()

  OAuthConsumer oc = new oauth.signpost.basic.DefaultOAuthConsumer(consumer.token,consumer.secret)
  oc.setTokenWithSecret(user.token,user.secret)
  oc.sign(conn)
  conn.getInputStream()

What is the expected output? What do you see instead?

I expect a response from the server.  Instead, it fails with a 401 
(unauthorized).  The problem appears to be that 
oauth.signpost.OAuth.decodeForm(String) stores the parameters in a 
Map<String,String>.  So, when there are two parameters with the same name, the 
first is overwritten.

Original issue reported on code.google.com by nosretta...@gmail.com on 28 Jan 2011 at 9:59

GoogleCodeExporter commented 8 years ago
It looks like this problem was fixed in 1.2.1.1.  Sorry for not checking that 
first.

Original comment by nosretta...@gmail.com on 8 Feb 2011 at 11:22