Results 1 to 4 of 4

Thread: OAuth 1.0 signature issues on client side when request has additional parameters

  1. Jul 15th, 2011, 02:12 PM #1
    kmandeville
    kmandeville is offline Junior Member
    Join Date
    May 2007
    Posts
    24

    Default OAuth 1.0 signature issues on client side when request has additional parameters

    So I have this request that is failing when using Oauth while all of our other apis work fine with OAuth. The reason behind it not working properly for a few of our clients seems to be the fact that this api request has form-encoded request parameters AND there are some parameters with multiple values (so multiple parameters with the same name and different value ie ?columns=FirstName&columns=LastName...)

    What I'm trying to figure out is how I need to pass these request parameters to the OAuth consumer client code (calling CoreOAuthConsumerSupport.getAuthorizationHeader) This method has a parameter for additional parameters in the form of a Map<String, String>. This parameter doesn't seem to allow for multiple values for a single parameter. Am I correct in assuming that?

    FYI we are using version 3.17 of the library and Spring Security 2.0.5 I believe. We are unable to upgrade to Spring Security 3 so we can't start using the latest version of the Oauth library as I believe it requires Spring Security 3 right?

    PLEASE HELP!!!!!
    Reply With Quote Reply With Quote
  2. Jul 18th, 2011, 06:17 PM #2
    stoicflame
    stoicflame is offline Senior Member
    Join Date
    May 2008
    Location
    Salt Lake City
    Posts
    167

    Default

    The bug about parsing multiple values of the same request parameter was fixed in a later version of the library. You could try to back-port the fix. See org.springframework.security.oauth.consumer.CoreOA uthConsumerSupport#loadOAuthParameters
    Reply With Quote Reply With Quote
  3. Jul 19th, 2011, 11:27 AM #3
    kmandeville
    kmandeville is offline Junior Member
    Join Date
    May 2007
    Posts
    24

    Default What version?

    I looked in version 1.0.0.M3 and looked at the CoreOAuthConsumerSupport#loadOauthParameters but I didn't see anything different than what's in 3.17 where you can pass in additionalParameters as a Map<String,String>

    In order to support multiple values this should be something more like Map<String, String[]> or something to that effect shouldn't it?

    What version should I be looking at?

    Quote Originally Posted by stoicflame View Post
    The bug about parsing multiple values of the same request parameter was fixed in a later version of the library. You could try to back-port the fix. See org.springframework.security.oauth.consumer.CoreOA uthConsumerSupport#loadOAuthParameters
    Reply With Quote Reply With Quote
  4. Jul 21st, 2011, 06:21 PM #4
    stoicflame
    stoicflame is offline Senior Member
    Join Date
    May 2008
    Location
    Salt Lake City
    Posts
    167

    Default

    My bad. You were asking how to pass additional parameters as multi-valued. And I'm afraid you're right; there's no way to do that right now. Tracking the issue here:

    https://jira.springsource.org/browse/SECOAUTH-78
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules