parameters in http_url incorrectly handled in Request.from_request() · Issue #21 · joestump/python-oauth2 · GitHub
Skip to content

parameters in http_url incorrectly handled in Request.from_request() #21

Description

@rogerm

When the http_url parameter is parsed to see if it contains any params, the paramsaren't removed from the url after being added to the parameters variable. Request.get_normalized_parameters() also parses the raw url (why?) when constructing the cignaturebasestring. The combination of these actions is that parameters coming from http_url get included twice in the signature base string.

Fix:

  • in from_request, after parsing http_url: http_url = http_url.split('?',1)[0]

It's not clear that you need or want to parse the original url again in get_normalized_parameters, it would be cleaner is all constructors and factories ensured that parameters get extracted on creation so you can just use the reqeust dictionary and the normalized url.

Metadata

Metadata

Assignees

No one assigned

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions