Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Properly identify the Authorization header's Realm part. #151

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

erikvanzijst
Copy link

This broke authentication whenever any of the oauth_ parameters contained the substring "realm" anywhere.

@joestump
Copy link
Owner

Good catch; you have a regression test (or an example request I can build one with?).

@joestump joestump added this to the 2.0 milestone Jul 29, 2015
@jaitaiwan
Copy link
Contributor

@joestump love his tests 👍 (so do I)

@rickhanlonii
Copy link
Collaborator

This is a great fix. It turns out that if (for example) the oauth_signature contains "realm" in the hash, it wouldn't be included in the params, which would be a nasty bug to track down.

@erikvanzijst I created the test for this on erikvanzijst#2. After you review and merge I think this is good to go.

@jaitaiwan
Copy link
Contributor

Thanks @rickhanlonii you're a boss!

@TimSC
Copy link
Contributor

TimSC commented Jan 13, 2018

I pulled this PR into a new fork: https://github.com/TimSC/python-oauth10a

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants