search

yhtsnda / oauth-dot-net

Automatically exported from code.google.com/p/oauth-dot-net
0 stars 0 forks source link

OAuth.Net does not work with rewritten urls #28

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
Reproducing the problem :
1. Creates an url rewriting, for instance '/resource/12' => 
'/resourceHandler.ashx?id=12'
2. Use the url '/resource/12'

Expected behavior :
Items added to query by url-rewriting should be ignored when generating 
signature.

Effective behavior :
Items added to query by url-rewriting are use to compute the signature

Version of the product used :
0.8.1.1

Operating system :
Windows Vista 64bits

Additional information :

Problem does not concern url path, but query parameters that may be appended to 
the url by url-rewriting mechanism. request.QueryString is based on 
request.Url, which is the rewritten url. Query part of request.RawUrl should be 
used instead.

Problem can be solved by replacing the OAuthParameters.Parse(HttpRequest 
request, OAuthParameterSources sources) method by the following :

public static OAuthParameters Parse(HttpRequest request, OAuthParameterSources 
sources)
{
        var queryString = HttpUtility.ParseQueryString(new Uri(request.Url, request.RawUrl).Query);
         return OAuthParameters.DoParse(request.Headers[Constants.AuthorizationHeaderParameter], request.Headers[Constants.WwwAuthenticateHeaderParameter], request.Form, queryString, sources, true);
}

Original issue reported on code.google.com by eric.bezine@gmail.com on 8 Jul 2010 at 9:51