scream78 / oauth

Automatically exported from code.google.com/p/oauth
0 stars 0 forks source link

rsa.py module should not consider consumer secret as a part of the signature base string. #64

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. If you try to use the signature method RSA-SHA1, by using the rsa.py 
module without providing a consumer secret i.e. if consumer_secret=None, 
build_signature_base_string method will throw an error (TyprError: argument 
2 to map() must support iteration).

For using signature method RSA-SHA1, providing a consumer secret should not 
be compulsory, it should be optional. It should not matter whether consumer 
secret is included in the signature base string or not. In the current 
code, consumer secret has to be present which is wrong.

Please fix this as soon as possible. Please see the attached diff file.

Original issue reported on code.google.com by kunalmsh...@gmail.com on 17 Nov 2008 at 7:49

Attachments:

GoogleCodeExporter commented 9 years ago
Please disregard the previous rsa.diff. In addition to the consumer secret, the 
token
secret too should not be considered. So the present code won't work if the 
token does
not have a secret or there is no consumer secret which is incorrect. Please 
find the
new rsa.diff attached.

Original comment by kunalmsh...@gmail.com on 19 Nov 2008 at 11:45

Attachments:

GoogleCodeExporter commented 9 years ago
Andy - can yo take a look at this?

Original comment by leah.culver on 14 Jan 2009 at 9:56