summaryrefslogtreecommitdiff
path: root/actions
diff options
context:
space:
mode:
authorAdrian Lang <mail@adrianlang.de>2009-04-15 09:18:43 +0200
committerAdrian Lang <mail@adrianlang.de>2009-04-15 09:18:43 +0200
commitfc6cedd2227d9d560736e494f431e2b40b26b45c (patch)
tree1893481527acc1ba2252db1567cd2e3d819c5681 /actions
parente876b74e8ba7e80edcb9a13bff15deff4aa6ff15 (diff)
parent1ba3ac9ee3f00472e0b7f8f25955967ab816a3fd (diff)
Make OMB work if the configured domain name does not exclusively contain lower case letters.
If the configured domain is mixed-case OAuth throws invalidsignature errors. The current URL is part of the signated parts; since the consumer does not pass the current URL, the service has to get it itself and add it to the other OAuth params for signature rebuilding. OAuth.php uses $_SERVER for this, however, the domain is lcased in $_SERVER. Hence we pass the complete current URL as generated by common_local_url to OAuthRequest.
Diffstat (limited to 'actions')
-rw-r--r--actions/accesstoken.php2
-rw-r--r--actions/finishremotesubscribe.php2
-rw-r--r--actions/postnotice.php2
-rw-r--r--actions/requesttoken.php2
-rw-r--r--actions/updateprofile.php2
5 files changed, 5 insertions, 5 deletions
diff --git a/actions/accesstoken.php b/actions/accesstoken.php
index 77fdf6aef..bb68d3314 100644
--- a/actions/accesstoken.php
+++ b/actions/accesstoken.php
@@ -59,7 +59,7 @@ class AccesstokenAction extends Action
try {
common_debug('getting request from env variables', __FILE__);
common_remove_magic_from_request();
- $req = OAuthRequest::from_request();
+ $req = OAuthRequest::from_request('POST', common_locale_url('accesstoken'));
common_debug('getting a server', __FILE__);
$server = omb_oauth_server();
common_debug('fetching the access token', __FILE__);
diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php
index d54c29a60..3e3a81715 100644
--- a/actions/finishremotesubscribe.php
+++ b/actions/finishremotesubscribe.php
@@ -44,7 +44,7 @@ class FinishremotesubscribeAction extends Action
common_debug('stored request: '.print_r($omb,true), __FILE__);
common_remove_magic_from_request();
- $req = OAuthRequest::from_request();
+ $req = OAuthRequest::from_request('POST', common_local_url('finishuserauthorization'));
$token = $req->get_parameter('oauth_token');
diff --git a/actions/postnotice.php b/actions/postnotice.php
index c32d8ca94..3e98b3cd5 100644
--- a/actions/postnotice.php
+++ b/actions/postnotice.php
@@ -28,7 +28,7 @@ class PostnoticeAction extends Action
parent::handle($args);
try {
common_remove_magic_from_request();
- $req = OAuthRequest::from_request();
+ $req = OAuthRequest::from_request('POST', common_local_url('postnotice'));
# Note: server-to-server function!
$server = omb_oauth_server();
list($consumer, $token) = $server->verify_request($req);
diff --git a/actions/requesttoken.php b/actions/requesttoken.php
index ca253b97a..4e6f92913 100644
--- a/actions/requesttoken.php
+++ b/actions/requesttoken.php
@@ -69,7 +69,7 @@ class RequesttokenAction extends Action
parent::handle($args);
try {
common_remove_magic_from_request();
- $req = OAuthRequest::from_request();
+ $req = OAuthRequest::from_request('POST', common_local_url('requesttoken'));
$server = omb_oauth_server();
$token = $server->fetch_request_token($req);
print $token;
diff --git a/actions/updateprofile.php b/actions/updateprofile.php
index 7dc52fda9..08cb31ae0 100644
--- a/actions/updateprofile.php
+++ b/actions/updateprofile.php
@@ -29,7 +29,7 @@ class UpdateprofileAction extends Action
parent::handle($args);
try {
common_remove_magic_from_request();
- $req = OAuthRequest::from_request();
+ $req = OAuthRequest::from_request('POST', common_local_url('updateprofile'));
# Note: server-to-server function!
$server = omb_oauth_server();
list($consumer, $token) = $server->verify_request($req);