From e5cd87c0b3ec365b047a0738c18ec72c89f20e77 Mon Sep 17 00:00:00 2001 From: Benson Kalahar Date: Mon, 9 Jan 2012 16:29:44 -0800 Subject: [PATCH 1/5] Added an option to exclude oauth body hash from headers --- oauth2/__init__.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/oauth2/__init__.py b/oauth2/__init__.py index 835270e3..38afa3e7 100644 --- a/oauth2/__init__.py +++ b/oauth2/__init__.py @@ -481,10 +481,10 @@ def get_normalized_parameters(self): # Spaces must be encoded with "%20" instead of "+" return encoded_str.replace('+', '%20').replace('%7E', '~') - def sign_request(self, signature_method, consumer, token): + def sign_request(self, signature_method, consumer, token, include_body_hash=True): """Set the signature parameter to the result of sign.""" - if not self.is_form_encoded: + if not self.is_form_encoded and include_body_hash: # according to # http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html # section 4.1.1 "OAuth Consumers MUST NOT include an From bc5bdee05126554838e0e911d3a0a190c607e313 Mon Sep 17 00:00:00 2001 From: INADA Naoki Date: Wed, 1 Feb 2012 15:15:19 +0900 Subject: [PATCH 2/5] Builder classmethod builds instance of first argument. --- oauth2/__init__.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/oauth2/__init__.py b/oauth2/__init__.py index 835270e3..dde62cbe 100644 --- a/oauth2/__init__.py +++ b/oauth2/__init__.py @@ -569,8 +569,8 @@ def from_consumer_and_token(cls, consumer, token=None, if token.verifier: parameters['oauth_verifier'] = token.verifier - return Request(http_method, http_url, parameters, body=body, - is_form_encoded=is_form_encoded) + return cls(http_method, http_url, parameters, body=body, + is_form_encoded=is_form_encoded) @classmethod def from_token_and_callback(cls, token, callback=None, From 1818d62f4e9f6391a6033b0286371d99b58ed5bd Mon Sep 17 00:00:00 2001 From: INADA Naoki Date: Mon, 6 Feb 2012 18:10:25 +0900 Subject: [PATCH 3/5] Fix Request.from_request() then sign() doubles query parameter. --- oauth2/__init__.py | 5 ----- 1 file changed, 5 deletions(-) diff --git a/oauth2/__init__.py b/oauth2/__init__.py index dde62cbe..bc4cb7dd 100644 --- a/oauth2/__init__.py +++ b/oauth2/__init__.py @@ -537,11 +537,6 @@ def from_request(cls, http_method, http_url, headers=None, parameters=None, query_params = cls._split_url_string(query_string) parameters.update(query_params) - # URL parameters. - param_str = urlparse.urlparse(http_url)[4] # query - url_params = cls._split_url_string(param_str) - parameters.update(url_params) - if parameters: return cls(http_method, http_url, parameters) From 5c8c2394a177b86fb850a300fa0f4c7d7c3320c8 Mon Sep 17 00:00:00 2001 From: Tom de Simone Date: Wed, 15 Feb 2012 00:05:08 +0000 Subject: [PATCH 4/5] add include_body_hash parameter when calling sign_request from within a Client object --- oauth2/__init__.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/oauth2/__init__.py b/oauth2/__init__.py index 38afa3e7..9fca780f 100644 --- a/oauth2/__init__.py +++ b/oauth2/__init__.py @@ -637,7 +637,7 @@ def set_signature_method(self, method): self.method = method def request(self, uri, method="GET", body='', headers=None, - redirections=httplib2.DEFAULT_MAX_REDIRECTS, connection_type=None): + redirections=httplib2.DEFAULT_MAX_REDIRECTS, connection_type=None, include_body_hash=True): DEFAULT_POST_CONTENT_TYPE = 'application/x-www-form-urlencoded' if not isinstance(headers, dict): @@ -659,7 +659,7 @@ def request(self, uri, method="GET", body='', headers=None, token=self.token, http_method=method, http_url=uri, parameters=parameters, body=body, is_form_encoded=is_form_encoded) - req.sign_request(self.method, self.consumer, self.token) + req.sign_request(self.method, self.consumer, self.token, include_body_hash=include_body_hash) schema, rest = urllib.splittype(uri) if rest.startswith('//'): From f45e4288a0a43b0ff549ad02d70358cbfb1a4240 Mon Sep 17 00:00:00 2001 From: Tom Callaway Date: Thu, 16 Feb 2012 09:55:08 -0500 Subject: [PATCH 5/5] fix the Request.from_request factory to handle multiple GET parameters with the same key (thanks to Jason Connor) --- oauth2/__init__.py | 5 ++++- tests/test_oauth.py | 7 +++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/oauth2/__init__.py b/oauth2/__init__.py index 835270e3..6fd2a15a 100644 --- a/oauth2/__init__.py +++ b/oauth2/__init__.py @@ -608,7 +608,10 @@ def _split_url_string(param_str): """Turn URL string into parameters.""" parameters = parse_qs(param_str.encode('utf-8'), keep_blank_values=True) for k, v in parameters.iteritems(): - parameters[k] = urllib.unquote(v[0]) + if len(v) == 1: + parameters[k] = urllib.unquote(v[0]) + else: + parameters[k] = [ urllib.unquote(i) for i in v ] return parameters diff --git a/tests/test_oauth.py b/tests/test_oauth.py index 099e5794..d6ab8827 100644 --- a/tests/test_oauth.py +++ b/tests/test_oauth.py @@ -889,6 +889,13 @@ def test_from_request(self): req = oauth.Request.from_request("GET", url) self.assertEquals(None, req) + def test_from_request_with_query_string(self): + url = "http://sp.example.com/" + qs = 'multi=BAR&multi=FOO&multi_same=FOO&multi_same=Foo&oath_consumer_key=0685bd9184jfhq22&oauth_nonce=4572616e48616d6d65724c61686176&oauth_signature_method=HMAC_SHA1&oauth_timestamp=137131200&oauth_token=ad180jjd733klru7&oauth_version=1.0' + req = oauth.Request.from_request('GET', url, query_string=qs) + res = req.get_normalized_parameters() + self.assertEquals(qs, res) + def test_from_token_and_callback(self): url = "http://sp.example.com/"