Announcement Announcement Module
Collapse
No announcement yet.
OAuth 1.0 signature issues on client side when request has additional parameters Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • OAuth 1.0 signature issues on client side when request has additional parameters

    So I have this request that is failing when using Oauth while all of our other apis work fine with OAuth. The reason behind it not working properly for a few of our clients seems to be the fact that this api request has form-encoded request parameters AND there are some parameters with multiple values (so multiple parameters with the same name and different value ie ?columns=FirstName&columns=LastName...)

    What I'm trying to figure out is how I need to pass these request parameters to the OAuth consumer client code (calling CoreOAuthConsumerSupport.getAuthorizationHeader) This method has a parameter for additional parameters in the form of a Map<String, String>. This parameter doesn't seem to allow for multiple values for a single parameter. Am I correct in assuming that?

    FYI we are using version 3.17 of the library and Spring Security 2.0.5 I believe. We are unable to upgrade to Spring Security 3 so we can't start using the latest version of the Oauth library as I believe it requires Spring Security 3 right?

    PLEASE HELP!!!!!

  • #2
    The bug about parsing multiple values of the same request parameter was fixed in a later version of the library. You could try to back-port the fix. See org.springframework.security.oauth.consumer.CoreOA uthConsumerSupport#loadOAuthParameters

    Comment


    • #3
      What version?

      I looked in version 1.0.0.M3 and looked at the CoreOAuthConsumerSupport#loadOauthParameters but I didn't see anything different than what's in 3.17 where you can pass in additionalParameters as a Map<String,String>

      In order to support multiple values this should be something more like Map<String, String[]> or something to that effect shouldn't it?

      What version should I be looking at?

      Originally posted by stoicflame View Post
      The bug about parsing multiple values of the same request parameter was fixed in a later version of the library. You could try to back-port the fix. See org.springframework.security.oauth.consumer.CoreOA uthConsumerSupport#loadOAuthParameters

      Comment


      • #4
        My bad. You were asking how to pass additional parameters as multi-valued. And I'm afraid you're right; there's no way to do that right now. Tracking the issue here:

        https://jira.springsource.org/browse/SECOAUTH-78

        Comment

        Working...
        X