krzysztofgawrys / oauth

Automatically exported from code.google.com/p/oauth
0 stars 0 forks source link

Content-Type being set twice (to two different values) on one OAuth Sampler Post Request #202

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. attempt to perform a POST with the latest ApacheJMeter_oauth-v2.jar, with 
Content-Type set to "application/json"
2.
3.

What is the expected output? What do you see instead?
Whenever I attempt a post, the application returns the following: 
"Response code: 401
Response message: Signature failed to verify"

From the JMeter request, I am seeing that Content-Type is being sent twice to 
two different values:
"Connection: keep-alive
Content-Type: application/json
User-Agent: QA Jmeter 1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 34"

Content-Type should only be sent once in the JMeter request.

What version of the product are you using? On what operating system?
1. Using Jmeter 2.4 r9961953 and JMeter 2.3.4 with latest 
ApacheJMeter_oauth-v2.jar (from here: 
https://code.google.com/p/oauth/downloads/list)
2. Also, using both version of JMeter, tried the suggested patch found here, 
https://code.google.com/p/oauth/issues/detail?id=197

Please provide any additional information below.
The application I'm testing was just recently OAuth-enabled.  Prior to that I 
was using JMeter to perform posts and gets for the application under test, and 
having no issues.  After the application was enabled with OAuth, I found that 
the OAuth Sampler for JMeter was only able to perform gets, and not posts.  
After showing this to my dev counterpart, this is his take:
"What is happening is that OAuth uses the query parameters to build the 
signature.  When the content-type is x-www-…, the servlet container will 
attempt to parse the query parameters from the body in addition to the URL.  
Since body is typically the message payload (e.g. JSON) and not the useful 
“a=b&c=d” parameters, the signature will fail to verify."

I tried using the HTTP Header Manager as a child of the OAuth Sampler, and not 
just as a child of the Thread, with the setting "Content-Type = 
application/json", but the OAuth Jmeter requests still show two values of 
Content-Type being passed in 1 request.

Original issue reported on code.google.com by elrol...@gmail.com on 16 May 2011 at 9:56