Google are including % character in tokens = problem with URLEncoding

[GoogleCodeExporter]

What steps will reproduce the problem?

1. Google provides a request token/authorized token of 
"4%2FcMF4t6Bc0i_ojIjMtZ4l1tB3ut4x"

2. When building the get access token request using 
OAuthRequest.buildRequest(), the above token will be URLEncoded in 
OAuthRequest.getSignableParameters() and OAuthRequest.getParameters()

3. Because of the % character in the token, the above token is altered.

What is the expected output? What do you see instead?
The token should not be altered: 4%2FcMF4t6Bc0i_ojIjMtZ4l1tB3ut4x
But the token becomes URLEncoded to: 4%252FcMF4t6Bc0i_ojIjMtZ4l1tB3ut4x

Notice % has become %25.

--

Is there anything that can be done to rectify this? Or is Google to blame?

Original issue reported on code.google.com by milkisev...@gmail.com on 8 Jul 2010 at 9:44

[GoogleCodeExporter]

The problem is that Google is sending URL encoded token with \ (backslash) 
character in it. The workaround I found for this issue is to decode token key 
and secret like this: 

requestToken.key = URLEncoding.decode(requestToken.key);
requestToken.secret = URLEncoding.decode(requestToken.secret);

I believe the same could be done in the OAuthUtil.getTokenFromResponse and it 
all would work.

p.

Original comment by Piotr.Walczyszyn on 26 Jan 2011 at 3:48

• Added labels: ****
• Removed labels: ****

[GoogleCodeExporter]

I just came up with even better solution. Instead of using 
OAuthUtil.getTokenFromResponse to decode the token you can use URLVariables as 
follows:

var vars:URLVariables = new URLVariables(URLLoader(event.currentTarget).data);
requestToken = new OAuthToken(vars.oauth_token, vars.oauth_token_secret);

All this should be done for both request and access tokens. Also remember to 
URLEncoding.decode oauth_verifier because it may also contain backslashes.

p.

Original comment by Piotr.Walczyszyn on 26 Jan 2011 at 8:31

• Added labels: ****
• Removed labels: ****