From 1ba3ac9ee3f00472e0b7f8f25955967ab816a3fd Mon Sep 17 00:00:00 2001 From: Adrian Lang Date: Sun, 8 Mar 2009 08:45:32 +0100 Subject: [PATCH] Make OMB work if the configured domain name does not exclusively contain lower case letters. If the configured domain is mixed-case OAuth throws invalidsignature errors. The current URL is part of the signated parts; since the consumer does not pass the current URL, the service has to get it itself and add it to the other OAuth params for signature rebuilding. OAuth.php uses $_SERVER for this, however, the domain is lcased in $_SERVER. Hence we pass the complete current URL as generated by common_local_url to OAuthRequest. --- actions/accesstoken.php | 2 +- actions/finishremotesubscribe.php | 2 +- actions/postnotice.php | 2 +- actions/requesttoken.php | 2 +- actions/updateprofile.php | 2 +- actions/userauthorization.php | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/actions/accesstoken.php b/actions/accesstoken.php index 77fdf6aefa..bb68d3314d 100644 --- a/actions/accesstoken.php +++ b/actions/accesstoken.php @@ -59,7 +59,7 @@ class AccesstokenAction extends Action try { common_debug('getting request from env variables', __FILE__); common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); + $req = OAuthRequest::from_request('POST', common_locale_url('accesstoken')); common_debug('getting a server', __FILE__); $server = omb_oauth_server(); common_debug('fetching the access token', __FILE__); diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index eaf57c2d8f..6d73ee2348 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -44,7 +44,7 @@ class FinishremotesubscribeAction extends Action common_debug('stored request: '.print_r($omb,true), __FILE__); common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); + $req = OAuthRequest::from_request('POST', common_local_url('finishuserauthorization')); $token = $req->get_parameter('oauth_token'); diff --git a/actions/postnotice.php b/actions/postnotice.php index c32d8ca94b..3e98b3cd55 100644 --- a/actions/postnotice.php +++ b/actions/postnotice.php @@ -28,7 +28,7 @@ class PostnoticeAction extends Action parent::handle($args); try { common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); + $req = OAuthRequest::from_request('POST', common_local_url('postnotice')); # Note: server-to-server function! $server = omb_oauth_server(); list($consumer, $token) = $server->verify_request($req); diff --git a/actions/requesttoken.php b/actions/requesttoken.php index ca253b97aa..4e6f92913a 100644 --- a/actions/requesttoken.php +++ b/actions/requesttoken.php @@ -69,7 +69,7 @@ class RequesttokenAction extends Action parent::handle($args); try { common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); + $req = OAuthRequest::from_request('POST', common_local_url('requesttoken')); $server = omb_oauth_server(); $token = $server->fetch_request_token($req); print $token; diff --git a/actions/updateprofile.php b/actions/updateprofile.php index 7dc52fda9e..08cb31ae03 100644 --- a/actions/updateprofile.php +++ b/actions/updateprofile.php @@ -29,7 +29,7 @@ class UpdateprofileAction extends Action parent::handle($args); try { common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); + $req = OAuthRequest::from_request('POST', common_local_url('updateprofile')); # Note: server-to-server function! $server = omb_oauth_server(); list($consumer, $token) = $server->verify_request($req); diff --git a/actions/userauthorization.php b/actions/userauthorization.php index 6a76e3a4c2..9eb1e8836f 100644 --- a/actions/userauthorization.php +++ b/actions/userauthorization.php @@ -382,7 +382,7 @@ class UserauthorizationAction extends Action function getNewRequest() { common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); + $req = OAuthRequest::from_request('GET', common_local_url('userauthorization')); return $req; } -- 2.39.5