glory111 / oauth-php

Automatically exported from code.google.com/p/oauth-php
0 stars 0 forks source link

Wrong OAuth token selected in OAuthStoreMySQL::getSecretsForSignature #101

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
In getSecretsForSignature, only the consumer registry entries are filtered on 
user id, but not the keys. This leads to the situation that when there are 
multiple tokens for a consumer, a random one is selected. I think that the 
token also has to respect the $user_id argument.

Original issue reported on code.google.com by scherpenisse on 15 Mar 2011 at 10:06

GoogleCodeExporter commented 8 years ago
Is it the same bug as bug 98?

Original comment by sergey.c...@gmail.com on 15 Mar 2011 at 12:58

GoogleCodeExporter commented 8 years ago
Yes!

Original comment by scherpenisse on 15 Mar 2011 at 1:05