preumich / oauth

Automatically exported from code.google.com/p/oauth
0 stars 0 forks source link

[PHP] OAuthRequest::to_header() constructs an invalid Authorization header #34

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
In line 365 of OAuth.php there's an extra double-quote being prepended to
the Authorization header:

    $out ='"Authorization: OAuth realm="' . $realm . '",';

This causes the header to be set as:

    "Authorization: OAuth ...

Original issue reported on code.google.com by rcken...@gmail.com on 31 Jul 2008 at 3:08

GoogleCodeExporter commented 9 years ago
In addition, the comma at the end of the string in line 365 is causing a double 
comma
to appear in the header because the code is prepending commas in line 372:

    $out .= ',' . OAuthUtil::urlencodeRFC3986($k) . '="' . 
            OAuthUtil::urlencodeRFC3986($v) . '"';

This causes the header to be set as:

    "Authorization: OAuth realm="therealm",,oauth_consumer_key="myCK",...

Original comment by rcken...@gmail.com on 31 Jul 2008 at 3:13

GoogleCodeExporter commented 9 years ago
I've attached a patch which should fix those two issues. Anyone with commit 
access?

Original comment by mister...@gmail.com on 6 Aug 2008 at 3:05

Attachments:

GoogleCodeExporter commented 9 years ago
Could the patch please be applied? I recently ran into the same issues and 
wasted
time tracking down this bug. Disheartening to find that it was a known issue for
which a patch is available. 

Original comment by bart.tee...@gmail.com on 16 Oct 2008 at 7:53

GoogleCodeExporter commented 9 years ago

Original comment by leah.culver on 14 Jan 2009 at 8:36

GoogleCodeExporter commented 9 years ago
This has been fixed since revision 853 where bpedro applied the patch
http://code.google.com/p/oauth/source/detail?r=853

-Morten

Original comment by morten.f...@gmail.com on 30 Jan 2009 at 6:23