If the URL query string contains oauth_ parameters, this authenticate method will cause the client to send those parameters in both the Authorization header and the query string. Isn't that erroneous? I imagine a server might reject the signature, because its signature base string contained two copies of the oauth_ parameters.
On Jun 8, 11:55 am, Paul Austin <[email protected]> wrote: > Below are some updates to the httpclient4 OAuthScheme which handle > some issues with certain types of URLS which are either wrapped or > have existing query string parameters. > > public Header authenticate(Credentials credentials, HttpRequest > request) > throws AuthenticationException { > try { > // The following is more complex because some Requests don't > include the > // server name in the URL instead it just has the path and query > string > String uri; > String method; > HttpUriRequest uriRequest = getHttpUriRequest(request); > if (uriRequest != null) { > uri = uriRequest.getURI().toString(); > method = uriRequest.getMethod(); > } else { > RequestLine requestLine = request.getRequestLine(); > uri = requestLine.getUri(); > method = requestLine.getMethod(); > } > > String url = getUriWithoutQuery(uri); > Collection<Entry<String, String>> parameters = getParameters > (uri); > > OAuthMessage message = new OAuthMessage(method, url, > parameters); > OAuthAccessor accessor = getOAuthAccessor(credentials); > > message.addRequiredParameters(accessor); > String realm = getParameter("realm"); > String authorization = message.getAuthorizationHeader(realm); > return new BasicHeader("Authorization", authorization); > } catch (Throwable t) { > throw new AuthenticationException("Unable to create OAuth > header", t); > } > } --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
