sonimeister / oauth

Automatically exported from code.google.com/p/oauth
0 stars 0 forks source link

Percent encoding in java library #33

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Can someone confirm that the changes to the standard URL encode in the
OAuth class are correct as I can't find the part of the OAuth spec that
specifies this. Isn't this going to cause signature problems if clients
don't conform to this non-standard encoding?

Code is:

 return URLEncoder.encode(s, ENCODING)
                    // OAuth encodes some characters differently:
                    .replace("+", "%20").replace("*", "%2A")
                    .replace("%7E", "~");

I have had problems with signatures using the java library connecting to
Yahoo's FireEagle application (fireeagle.yahoo.com). Double quotes (")
seemed to cause a problem when they were part of a parameter value. I'm
afraid I haven't been able to confirm the problem but investigation led me
to the URL encode and thus this issue request.

Original issue reported on code.google.com by clive%pl...@gtempaccount.com on 23 Jul 2008 at 2:07

GoogleCodeExporter commented 8 years ago
Looking at other code versions submitted here. The PHP librar makes slightly
different modifications and the Cold Fusion library just uses the CF 
urlencodeformat
method which   has + for ' ' which seems incorrect.

Original comment by clive%pl...@gtempaccount.com on 30 Jul 2008 at 9:43

GoogleCodeExporter commented 8 years ago
I'm pretty darn sure OAuth.percentEncode(String) conforms to OAuth Core 1.0 
section 
5.1 <http://oauth.net/core/1.0/#encoding_parameters>.

Various platforms provide percent encoding algorithms that are slightly 
different 
from each other and often different from the OAuth specification.  So you'll 
see 
similar code in various OAuth implementations, but it won't be the same.

Original comment by jmkrist...@gmail.com on 22 Oct 2008 at 5:53