Comments (4)
I see that that behavior was changed at some point, in the code there is a
comment:
> Get the body of a POST with multipart/form-data by Edison tsai on 16:52
2010/09/16
The original code was using a separate signature for the request body, per
discussion with Eran et al.
See also https://groups.google.com/forum/#!topic/oauth/rNA2R0ZJQCo
And http://www.marcworrell.com/article-3130-en.html
Maybe you can check the reasons behind Edison Tsai's commit?
Original comment by [email protected]
on 25 Nov 2013 at 3:36
from oauth-php.
Thanks for finding the previous discussions:
https://groups.google.com/forum/#!topic/oauth/rNA2R0ZJQCo
And http://www.marcworrell.com/article-3130-en.html
However they seem to be about allowing extended signing of body content above
and beyond oauth standard signing. They were implemented in a separate class
OAuthRequestVerifier.php in the verifyExtended method. These discussions were
had in April 2008. The check-in from Edison Tsai seems to be unrelated to the
extended verification.
The check-in looks to be a helpful change from what was there, which just throw
an exception. There doesn't seem to be a lot of information about the Issue 81
or commit 165. However it does not conform to the specs.
Would you be happy with some sort of flag that would make the behaviour act as
it does currently and then apply the change?
Original comment by [email protected]
on 25 Nov 2013 at 10:29
from oauth-php.
Sounds good to me. Maybe the best default behavior is to stick with the specs,
and an option to switch to Tsai's additions.
Original comment by [email protected]
on 26 Nov 2013 at 8:44
from oauth-php.
Finally found time to create the updated patch.
The flag by default is in-line with the spec.
The backwards compatibility maybe enabled by passing to the OAuthServer options
parameter:
array (
'sign_body_of_multipart_request' => true
)
Looking at the code this was the cleanest way I could see that fits with the
coding style/conventions.
Hope this is acceptable
Original comment by [email protected]
on 3 Dec 2013 at 3:54
Attachments:
from oauth-php.
Related Issues (20)
- Minor fix that allows for the implementation of your OAuthStore
- OAuth POST request combines parameters from original server request with parameters being sent via oauth for Oauth consumers HOT 1
- Array of Array
- No server associated with consumer_key "..."
- Putting project to packagist
- Saving Recurring events from Google calendar api
- connect Oauth(PHP) Client to Oauth server (ruby on rails)
- cgi sapi oauth callback is required hot fix available
- Error with OAuth instance 2legged
- Invalid consumer HOT 1
- remote server request error
- Error when creating tables with foreign key constraints
- I get error "Authorized token from Service Provider does not match supplied Request Token details"
- Patch for /trunk/example/client/twoleggedtwitter.php
- OAuth Verification Failed HOT 1
- oAuth with PHP 4.4.9
- where is the updateConsumer function? HOT 1
- [deleted issue]
- SQL bug (with fix) in PostgreSQL Store checkServerNonce method
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth-php.