sonimeister / oauth

Automatically exported from code.google.com/p/oauth
0 stars 0 forks source link

php: split_header doesn't remove 'OAuth ' string at the start of a header #20

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
OAuthRequest::split_header() receiver header as it came over http. 
Spec says that header should look like this:

Authorization: OAuth realm="http://sp.example.com/",
oauth_consumer_key="0685bd9184jfhq22",
....

Note the 'OAuth' part which specifies authorization type.
OAuthRequest::split_header() doesn't strip it before
parsing, and also throws away everything not starting 
with 'oauth_', thus first parameter is always lost, 
whether it is unused (?) realm or any other oauth parameter.

Attached patch fixes this behaviour simply.

Original issue reported on code.google.com by atregoub...@gmail.com on 31 Mar 2008 at 2:54

Attachments:

GoogleCodeExporter commented 8 years ago
looking in to this to verify intended behavior 

Original comment by andyster on 15 Jul 2008 at 10:39

GoogleCodeExporter commented 8 years ago

Original comment by andyster on 15 Jul 2008 at 10:59