Fixed request token parsing using cgi.parse_qs method

[antonmoiseev]

trafficstars

keep_blank_values in OAuthToken.from_string method should be set True, otherwise you will get an unhandled exception trying fetch oauth_token_secret from response if OAuth server doesn't supply this parameter. For example Evernote's OAuth server doesn't provide oauth_token_secret parameter if signature method is PLAINTEXT.

[joestump]

@antonmoiseev Great catch. Sorry for the obscenely late reply; we just got this repository transferred over and @jaitaiwan and I are trying to go through all the PRs now. Any chance you have a test for this in another fork?

[antonmoiseev]

I can't believe it :smile:. It was probably my first GitHub PR 4 years ago. Unfortunately I don't have any tests and the source code of the original project anymore. However I appreciate your effort to give the project a new life!

[dieselmachine]

I don't have a test, but I do have a link to the spec that clearly states that empty params are not to be discarded:

http://oauth.net/core/1.0/#anchor14

"Parameters are concatenated in their sorted order into a single string. For each parameter, the name is separated from the corresponding value by an ‘=’ character (ASCII code 61), even if the value is empty. Each name-value pair is separated by an ‘&’ character (ASCII code 38). For example:"

And here is a link to the original issue I reported 5 years ago:

https://code.google.com/p/oauth/issues/detail?id=143