thephpleague / oauth1-client

OAuth 1 Client
MIT License

Clean way for forcing oauth_verifier to be in Auth header #58

Closed isleshocky77 closed 8 years ago

isleshocky77 commented 8 years ago

I'm using thephpleague/oauth1-client with an OAuth1 server which will only work if the oauth_verifier is present in the header instead of as a body parameter which is how it currently is implemented.

In order to get around this limitation and have this client work I implemented the following method in my Server file.

    /**
     * {@inheritDoc}
     */
    protected function protocolHeader($method, $uri, CredentialsInterface $credentials, array $bodyParameters = array())
    {
        $parameters = array_merge(
            $this->baseProtocolParameters(),
            $this->additionalProtocolParameters(),
            array(
                'oauth_token' => $credentials->getIdentifier(),
            )
        );

        /**
         * BEGIN: Modification to parent::protocolHeader()
         * Note: THE API will not accept oauth_verifier as a body parameter. It must be in the OAuth Authorization
         * header
         */
        if (isset($bodyParameters['oauth_verifier'])) {
            $parameters['oauth_verifier'] = $bodyParameters['oauth_verifier'];
            unset($bodyParameters['oauth_verifier']);
        }
        /**
         * END: Modification to parent::protocolHeader()
         */

        $this->signature->setCredentials($credentials);

        $parameters['oauth_signature'] = $this->signature->sign(
            $uri,
            array_merge($parameters, $bodyParameters),
            $method
        );

        return $this->normalizeProtocolParameters($parameters);
    }

I'm not enthused about this solution and was looking to see if there was a more elegant solution.

Note: With a little bit of research I don't believe the spec states that it should or shouldn't be in the header or the body; however, some have stated that it makes more sense to have it in the header with the rest of the oauth_parameters.
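Added example, not part of the original post and not the library's own code: a stand-alone PHP sketch showing that, as in the workaround above, the signature is computed over the same parameter set whether `oauth_verifier` travels in the `Authorization` header or in the form body, so only the transmission location changes. The URL, keys, tokens and the helper names `enc`, `sign` and `tokenRequest` are constructed for illustration, and parameter names are assumed to be unique.

```php
<?php
// Stand-alone illustration; not thephpleague/oauth1-client code. All values are constructed.

function enc(string $v): string { return rawurlencode($v); } // RFC 3986 percent-encoding

/** HMAC-SHA1 over all OAuth parameters, whether sent in the header or the form body. */
function sign(string $method, string $uri, array $params, string $consumerSecret, string $tokenSecret): string
{
    $encoded = [];
    foreach ($params as $k => $v) {
        $encoded[enc($k)] = enc($v);
    }
    ksort($encoded, SORT_STRING); // sort by encoded parameter name
    $pairs = [];
    foreach ($encoded as $k => $v) {
        $pairs[] = $k . '=' . $v;
    }
    $base = strtoupper($method) . '&' . enc($uri) . '&' . enc(implode('&', $pairs));
    $key = enc($consumerSecret) . '&' . enc($tokenSecret);
    return base64_encode(hash_hmac('sha1', $base, $key, true));
}

/** Place oauth_verifier in the Authorization header or in the form-encoded body. */
function tokenRequest(string $where, array $oauth, string $verifier, string $signature): array
{
    $header = $oauth + ['oauth_signature' => $signature];
    $body = [];
    if ($where === 'header') {
        $header['oauth_verifier'] = $verifier;
    } else {
        $body['oauth_verifier'] = $verifier; // sent as application/x-www-form-urlencoded
    }
    $parts = [];
    foreach ($header as $k => $v) {
        $parts[] = enc($k) . '="' . enc($v) . '"';
    }
    return ['Authorization' => 'OAuth ' . implode(', ', $parts),
            'body' => http_build_query($body, '', '&', PHP_QUERY_RFC3986)];
}

$uri = 'https://api.example.test/oauth/access_token'; // constructed endpoint
$oauth = ['oauth_consumer_key' => 'sample-consumer-key', 'oauth_nonce' => 'c0nstructedN0nce',
          'oauth_signature_method' => 'HMAC-SHA1', 'oauth_timestamp' => '1700000000',
          'oauth_token' => 'sample-temp-token', 'oauth_version' => '1.0'];
$verifier = 'sample-verifier';
// One signature serves both placements: the verifier is signed wherever it is sent.
$signature = sign('POST', $uri, $oauth + ['oauth_verifier' => $verifier], 'consumer-secret', 'temp-secret');
foreach (['header', 'body'] as $where) {
    $req = tokenRequest($where, $oauth, $verifier, $signature);
    echo "[$where]\nAuthorization: {$req['Authorization']}\nBody: {$req['body']}\n\n";
}
```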

stevenmaguire commented 8 years ago

I ran into this issue as well and I've submitted a PR that addresses it, but it is not "clean" and I am on the fence about the actual solution.

https://github.com/thephpleague/oauth1-client/pull/50

isleshocky77 commented 8 years ago

@stevenmaguire I'm glad I'm not crazy and that other people have run into this issue. We can close this issue if that PR solves the problem. I can take a look at a later time.

shoutershub commented 3 years ago

Holy moly, you just saved me 2 days of research, I almost lost it.