WP-API / OAuth1

OAuth server implementation for WP API
http://oauth1.wp-api.org/

OAuth1 signature does not follow OAuth1 spec #64

Open AlexC opened 9 years ago

AlexC commented 9 years ago

The way WP-API/OAuth1 constructs the OAuth1 signature does not conform to the OAuth1 specification, making it impossible to use WP-API with this OAuth1 plugin.

For example, the parameter key and value should be rawurlencode()'d separately, not after the entire string has been constructed (as this'll encode "=" to "%3D"). The same goes for multidimensional arrays; it should not use [ or ] but the encoded version. The separator of these parameters should also not be encoded (at this stage).

The final string to sign ($string_to_sign) should now rawurlencode() the request URI and query string (the parameters).

Pull request to follow
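The construction described in the issue above, as an added example following RFC 5849 section 3.4.1 (not code from the plugin, the pull request or any commenter). The function names, the sample values and the `key[sub]` flattening of nested arrays are assumptions, and `$base_uri` is assumed to be already normalized, with no query string.

```php
<?php
// Added example; all names and sample values are hypothetical / constructed.

// Flatten nested arrays to "key[sub]" names (assumed convention; the spec does not define one).
function flatten_params(array $params, string $prefix = ''): array {
    $pairs = [];
    foreach ($params as $key => $value) {
        $name = $prefix === '' ? (string) $key : $prefix . '[' . $key . ']';
        if (is_array($value)) {
            $pairs = array_merge($pairs, flatten_params($value, $name));
        } else {
            $pairs[] = [$name, (string) $value];
        }
    }
    return $pairs;
}

function normalize_params(array $params): string {
    $encoded = [];
    foreach (flatten_params($params) as [$name, $value]) {
        // Encode name and value separately, so "[" and "]" become %5B and %5D
        // while the "=" and "&" separators stay literal at this stage.
        $encoded[] = [rawurlencode($name), rawurlencode($value)];
    }
    // Sort by encoded name, then by encoded value, in byte order.
    usort($encoded, fn($a, $b) => strcmp($a[0], $b[0]) ?: strcmp($a[1], $b[1]));
    return implode('&', array_map(fn($p) => $p[0] . '=' . $p[1], $encoded));
}

function signature_base_string(string $method, string $base_uri, array $params): string {
    // Only now are the URI and the whole parameter string encoded (once more),
    // then joined with unencoded "&".
    return strtoupper($method) . '&' . rawurlencode($base_uri) . '&' . rawurlencode(normalize_params($params));
}

function sign_hmac_sha1(string $base, string $consumer_secret, string $token_secret = ''): string {
    $key = rawurlencode($consumer_secret) . '&' . rawurlencode($token_secret);
    return base64_encode(hash_hmac('sha1', $base, $key, true));
}

// Server side: recompute and compare in constant time.
function signature_is_valid(string $received, string $base, string $consumer_secret, string $token_secret = ''): bool {
    return hash_equals(sign_hmac_sha1($base, $consumer_secret, $token_secret), $received);
}

// Constructed request; oauth_signature itself is never part of the signed parameters.
$params = ['oauth_consumer_key' => 'constructed-key', 'oauth_nonce' => 'n0nce', 'oauth_timestamp' => '1432200000',
           'oauth_signature_method' => 'HMAC-SHA1', 'filter' => ['post_status' => 'draft', 's' => 'a b=c']];
$base = signature_base_string('get', 'https://example.test/wp-json/posts', $params);
echo $base, "\n", sign_hmac_sha1($base, 'constructed-consumer-secret', 'constructed-token-secret'), "\n";
```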

romuloctba commented 9 years ago

Alex, this is what I thought. I guess I didn't look that hard, or hadn't enough knowledge to find, point and fix the problem, though... I was indeed already thinking I was guilty for not signing my requests correctly...

I've been waiting for this so long, I can't believe it is happening.

Thank you, sire. You are like a cyber knight that comes running to rescue the cyber villagers.

Thank... You.... (OK, I may be overreacting a bit. But still, thank you)

AlexC commented 9 years ago

Haha, you're most welcome! See https://github.com/WP-API/OAuth1/pull/65 for the pull request. I've not tested it with multidimensional arrays, though from what I understand of the spec it should work. But at least this plugin is now usable!