RFC5849 example failed.

Question

RFC5849 example failed.

hyjin opened this issue 11 years ago · comments

Fails on an example in OAuth 1.0 specification(RFC5849).
It caused by following two:

Handling multiple parameter values with same key.

When node's querystring parse query string and build object, it builds value as an array for same keys. For instance:

> var qs = require('querystring')
> var str = 'a=1&a=2&a=&b=3'
> qs.parse(str)
{ a: [ '1', '2', '' ],
  b: '3' }

Currently, oauth-sign does not handle array value.

Sorting in parameter normalization

The specification requires percent encode before sorting parameters. (http://tools.ietf.org/html/rfc5849#section-3.4.1.3.2)
In some case, the sort order may differ after encode. (e.g. c2 < c@, but c2 > c%40)

And also it requires to sort by value when there is a same keys, but current oauth-sign does not sort by value.

Mikeal Rogers · Answer 1 · Tue Sep 24 2013 06:59:17 GMT+0800 (China Standard Time)

your oauth-sign PR was merged and released as v0.4.0, could you update this pull request to include the required version of oauth-sign.

Hyungjin Kim · Answer 2 · Tue Sep 24 2013 08:12:32 GMT+0800 (China Standard Time)

Resolved by #6 .