You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Apr 3, 2021. It is now read-only.
Every time I add my own set of parameters to OAuthRequest.GetAuthorizationQuery() they are stripped off the resulting query string. However, the signature is being calculated taking them into consideration. This results in wrong authorization query being returned.
I believe the issue exists since 2.X. The issue lies in line 214 of OauthRequest.cs as my parameters do not begin with oauth_ and I the official standard says nothing about such a restriction
The text was updated successfully, but these errors were encountered:
MikelThief
changed the title
Custom parameters added to GetRequestString() are bing stripped resulting in wrong request
Custom parameters added to GetRequestString() are stripped off, resulting in wrong request
Sep 5, 2019
I believe the GetAuthorizationQuery() method is only supposed to return those parameters that are added as part of the OAuth signing. You will need to append the output of that method to your existing URL to get a valid request URL.
See intended usage here:
// Using URL query authorizationstringauth=client.GetAuthorizationQuery();varurl=client.RequestUrl+"?"+auth;varrequest=(HttpWebRequest)WebRequest.Create(url);
I currently use the library the following way (fieldString and nodeId are coming from the outside):
var additionalParametersDict = new Dictionary<string, string>
{
{"fields", fieldsString},
{"node_id", nodeId.ToString()}
};
return $"{UnderlyingOAuthRequest.RequestUrl}?" +
UnderlyingOAuthRequest.GetAuthorizationQuery(parameters: additionalParametersDict);
I assumed that since the request string body and its authorization part (nonce) are bonded together should not really strip off parts of data which have real influence on the output.
Would you then recommend to use it like this (assuming ToQuery() method will create a query string of form a=b&c=d)?
var additionalParametersDict = new Dictionary<string, string>
{
{"fields", fieldsString},
{"node_id", nodeId.ToString()}
};
return $"{UnderlyingOAuthRequest.RequestUrl}?"
+ UnderlyingOAuthRequest.GetAuthorizationQuery(parameters: additionalParametersDict)
+ additionalParametersDict.ToQuery();
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hello,
Every time I add my own set of parameters to
OAuthRequest.GetAuthorizationQuery()
they are stripped off the resulting query string. However, the signature is being calculated taking them into consideration. This results in wrong authorization query being returned.I believe the issue exists since 2.X. The issue lies in line 214 of OauthRequest.cs as my parameters do not begin with
oauth_
and I the official standard says nothing about such a restrictionThe text was updated successfully, but these errors were encountered: