yahya800 / oauth

Automatically exported from code.google.com/p/oauth
0 stars 0 forks source link

CookieConsumer doesn't operate normally when '=' is included in access token #145

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?

When the sign that cannot be included in cookie such as '=' is included in
Access Token, CookieConsumer cannot correctly acquire Access Token from cookie.

1. Creating Salesforce Consumer(based on SampleProviderConsumer) for
https://login.salesforce.com/services/OAuth/c/17.0
2. Obtaining an Unauthorized Request Token (success)
3. Obtaining User Authorization (success)
4. Obtaining an Access Token (error)

What is the expected output? What do you see instead?

Expected access the salesforce url. Instead get OAuthProblemException.

net.oauth.OAuthProblemException: token_rejected
    at net.oauth.example.consumer.webapp.Callback.doGet(Callback.java:73)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:627)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
    at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilt
erChain.java:269)
    at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.
java:188)
    at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:2
13)
    at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:1
72)
    at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
    at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108
)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:875)
    at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConne
ction(Http11BaseProtocol.java:665)
    at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:52
8)
    at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorker
Thread.java:81)
    at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:68
9)
    at java.lang.Thread.run(Thread.java:595)

oauth_rejected_token:
mToxyjpqS5euCYwfBFn656vftalORlaautFUBQShvnL2HYI7HpX6ORJOKQPiAkc=
oauth_expected_token:
mToxyjpqS5euCYwfBFn656vftalORlaautFUBQShvnL2HYI7HpX6ORJOKQPiAkc

What version of the product are you using? On what operating system?

r1138 on Windows XP SP2

Please use labels and text to provide additional information.

Processing operated normally by changing storage and the acquisition
processing of the value to cookie of
net.oauth.example.consumer.webapp.CookieMap. 

    if (cookie != null) {
        try {
            /**** cookie value decode using the URL-encoding ****/
            String value = URLDecoder.decode(cookie.getValue(), "UTF-8");

            name2value.put(cookie.getName(), value);
        } catch (UnsupportedEncodingException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }

    }

    try {
        /**** cookie value escaped using the URL-encoding ****/
        value = URLEncoder.encode(value, "UTF-8");

        Cookie c = new Cookie(name, value);
        c.setPath(path);
        response.addCookie(c);
        name2value.put(name, value);
    } catch (UnsupportedEncodingException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }

I think that CookieMap should use URL-encoding. 
If possible, could you correct CookieMap so that CookieConsumer may operate
normally?

Original issue reported on code.google.com by sakaguch...@gmail.com on 16 Feb 2010 at 7:53