snsinfu / deno-oauth-1.0a

OAuth 1.0a Request Authorization for deno

Home Page:https://doc.deno.land/https/raw.githubusercontent.com/snsinfu/deno-oauth-1.0a/main/mod.ts

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Cannot reproduce an RFC example

snsinfu opened this issue · comments

The test case OAuthClient.sign - produces correct HMAC-SHA1 signature (RFC) added in a7168ad fails. The signature base string looks correct (verified in a test case for getBaseString). So, it could be a bug in a signature computation.

Strangely, a test case inherited from ddo/oauth-1.0a succeeds. In that test case an HMAC-SHA1 signature is computed. But without token secret (as opposed to the failing test case).

Maybe something is wrong with the handling of token secret in the current implementation.

It's an error in the RFC: eratta 2550. So,

wrong: bYT5CMsGcbgUdFHObYMEfcx6bsw=
wrong: djosJKDKJSD8743243/jdk33klY=

should both read

correct: r6/TJjbCOr97/+UU0NsvSne7s5g=

Fixed. d1677e9