python-oauth2 icon indicating copy to clipboard operation
python-oauth2 copied to clipboard

Published 20 hours ago verified publisher icon joestump

PUT Implementation Modifications

Open Jberlinsky opened this issue 14 years ago • 1 comments

The OAuth spec only specifies that HTTP POST url-encoded parameters should be added to the signature base string. Therefore, these lines correctly implement the PUT protocol within OAuth:

https://github.com/simplegeo/python-oauth2/blob/master/oauth2/init.py#L646-648

However, the library parses the body for the signature whenever the content type is x-www-form-urlencoded on any type of request, not only POST as specified in the OAuth specs. This change enforces that the signature base includes the url-encoded parameters only on POST requests.

Jberlinsky avatar May 10 '11 03:05 Jberlinsky

I believe the OAuth 1.0 specification has been extended to include url-encoded parameters from any HTTP request now.

See http://tools.ietf.org/html/rfc5849#appendix-A

Therefore, the current behavior of the library should be maintained to be in compliance with this specification.

gorakhargosh avatar Jul 05 '11 04:07 gorakhargosh