skdevelopers / oauth-php

Example's can be found at SK Developers
http://www.skdevelopers.info/oauth
MIT License
1 stars 0 forks source link

OAuthServer defaults to 'GET' method? #52

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. As of r108 I now have to explicitly set the method in 'request_token' and 
'access_token' end-points as the 
OAuthServer->OAuthRequestVerifier->OAuthRequest constructor chain defaults the 
method to 'GET'.

        $server = new OAuthServer(null, 'POST');
        $server->accessToken();

        $server = new OAuthServer(null, 'POST');
        $server->requestToken();

Without explicitly setting it to 'POST, signature verification fails as the 
signature base string for signed requests defaults to 'POST', e.g  
OAuthRequester::requestRequestToken.

Before now (I've only tested r98), I didn't need to add the method as it 
defaulted to 'POST'. Is this correct?

What is the expected output? What do you see instead?

What version of the product are you using? On what operating system?

PHP 5.3.1 on MacBook, Darwin Kernel Version 10.3.0

Please provide any additional information below.

Linked to issue 51?

Original issue reported on code.google.com by simon.re...@gmail.com on 22 Jun 2010 at 1:04

GoogleCodeExporter commented 9 years ago
Yes, the two issues (51 and 52) are linked. As of r134, the library will try to 
find the method automatically (should work in Apache flawlessly), although you 
still can override it if you wish. This was affecting other classes as well and 
they are all fixed in this release. 

Please let me know if the patch worked as expected for you. Thanks!

Original comment by brunobg%...@gtempaccount.com on 22 Jun 2010 at 5:02

GoogleCodeExporter commented 9 years ago
Great stuff, all calls to 'new OAuthServer()' are now working without 
specifying the method. Thanks!

Original comment by simon.re...@gmail.com on 22 Jun 2010 at 6:34

GoogleCodeExporter commented 9 years ago
Thanks! I'm closing this.

Original comment by brunobg%...@gtempaccount.com on 23 Jun 2010 at 2:00