-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,
About a month ago I came across an issue in the python implementation of OAuth: while calculating the signature base string, the request parameters need to be escaped before they are sorted. This only happens when using "exotic" argument names containing characters that need escaping. I wrote a patch for it, maybe one of you can have a look at it. Thanks Arjan Scherpenisse - -- Mediamatic Lab - Vijzelstraat 72 - 1017 HL Amsterdam - Netherlands t+31 (0)20 638 9901 - f+31 (0)20 638 7969 - http://www.mediamatic.nl -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkodFykACgkQigE4AbflYeqPUACcC1DwKIRWfk3faf1qT5umAQrY g3gAn1ovFBaMRopPsDSux60HFO2eVlEx =1blH -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
Index: oauth.py =================================================================== --- oauth.py (revision 1028) +++ oauth.py (working copy) @@ -185,12 +185,11 @@ del params['oauth_signature'] except: pass - key_values = params.items() + key_values = [(escape(_utf8_str(k)), escape(_utf8_str(v))) for k,v in params.items()] # Sort lexicographically, first after key, then after value. key_values.sort() # Combine key value pairs in string and escape. - return '&'.join(['%s=%s' % (escape(_utf8_str(k)), escape(_utf8_str(v))) \ - for k, v in key_values]) + return '&'.join(['%s=%s' % (k, v) for k, v in key_values]) def get_normalized_http_method(self): """Uppercases the http method.""" @@ -586,4 +585,4 @@ def build_signature(self, oauth_request, consumer, token): key, raw = self.build_signature_base_string(oauth_request, consumer, token) - return key \ No newline at end of file + return key