search

takcy / openid4java

Automatically exported from code.google.com/p/openid4java
Apache License 2.0
0 stars 0 forks source link

Bug in org.openid4java.message.ParameterList #59

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
IN createFromKeyValueForm 
some OP return keyValueForm is begin with "\r\n\r\n....",will throw 
MessageException

 StringTokenizer tokenizer = new StringTokenizer(keyValueForm, "\n");
        boolean hasColonLine = false;
        while (tokenizer.hasMoreTokens())
        {
            String keyValue = tokenizer.nextToken();
            int posColon = keyValue.indexOf(':');

            if (posColon > 0)
            {
                String key   = keyValue.substring(0, posColon);
                String value = keyValue.substring(posColon + 1);
                parameterList.set(new Parameter(key, value));
                hasColonLine = true;
            }
        }
        if (!hasColonLine)
            throw new MessageException("Invalid Key-Value form, colon 
missing: " + keyValueForm);

        return parameterList;

Original issue reported on code.google.com by Wu.Kan.2...@gmail.com on 4 May 2008 at 10:53

GoogleCodeExporter commented 8 years ago 
By definition, a valid message in key-value form cannot contain the \r\n\r\n 
string:
http://openid.net/specs/openid-authentication-2_0.html#anchor4

Those OPs should be advised to fix their key-value form / direct message 
implementations.

Johnny

Original comment by Johnny.B...@gmail.com on 4 May 2008 at 9:26