We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

Commit 1ba3ac9e authored by Adrian Lang's avatar Adrian Lang

Make OMB work if the configured domain name does not exclusively contain lower case letters.

If the configured domain is mixed-case OAuth throws invalidsignature errors. The current URL is part of the signated parts; since the consumer does not pass the current URL, the service has to get it itself and add it to the other OAuth params for signature rebuilding. OAuth.php uses $_SERVER for this, however, the domain is lcased in $_SERVER. Hence we pass the complete current URL as generated by common_local_url to OAuthRequest.
parent 04a05ca2
......@@ -59,7 +59,7 @@ class AccesstokenAction extends Action
try {
common_debug('getting request from env variables', __FILE__);
common_remove_magic_from_request();
$req = OAuthRequest::from_request();
$req = OAuthRequest::from_request('POST', common_locale_url('accesstoken'));
common_debug('getting a server', __FILE__);
$server = omb_oauth_server();
common_debug('fetching the access token', __FILE__);
......
......@@ -44,7 +44,7 @@ class FinishremotesubscribeAction extends Action
common_debug('stored request: '.print_r($omb,true), __FILE__);
common_remove_magic_from_request();
$req = OAuthRequest::from_request();
$req = OAuthRequest::from_request('POST', common_local_url('finishuserauthorization'));
$token = $req->get_parameter('oauth_token');
......
......@@ -28,7 +28,7 @@ class PostnoticeAction extends Action
parent::handle($args);
try {
common_remove_magic_from_request();
$req = OAuthRequest::from_request();
$req = OAuthRequest::from_request('POST', common_local_url('postnotice'));
# Note: server-to-server function!
$server = omb_oauth_server();
list($consumer, $token) = $server->verify_request($req);
......
......@@ -69,7 +69,7 @@ class RequesttokenAction extends Action
parent::handle($args);
try {
common_remove_magic_from_request();
$req = OAuthRequest::from_request();
$req = OAuthRequest::from_request('POST', common_local_url('requesttoken'));
$server = omb_oauth_server();
$token = $server->fetch_request_token($req);
print $token;
......
......@@ -29,7 +29,7 @@ class UpdateprofileAction extends Action
parent::handle($args);
try {
common_remove_magic_from_request();
$req = OAuthRequest::from_request();
$req = OAuthRequest::from_request('POST', common_local_url('updateprofile'));
# Note: server-to-server function!
$server = omb_oauth_server();
list($consumer, $token) = $server->verify_request($req);
......
......@@ -382,7 +382,7 @@ class UserauthorizationAction extends Action
function getNewRequest()
{
common_remove_magic_from_request();
$req = OAuthRequest::from_request();
$req = OAuthRequest::from_request('GET', common_local_url('userauthorization'));
return $req;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment