From df73c2e114bef37f07b986a5af15ff86ea05b733 Mon Sep 17 00:00:00 2001 From: Chris Chabot Date: Sun, 18 Jan 2009 10:04:14 +0000 Subject: [PATCH] SHINDIG-854 by Eiji Kitamura, fixes the following issues for the oauth proxy service: - According to XSD, each url for OAuthServices (request, authorization, access) isn't mandatory. Current implementation is assuming they are existing. - parseEndPoint had better trim its paramers. - Some parameters (OAuth/Service@name, OAuth/Service/Request@url, OAuth/Service/Access@url, OAuth/Service/Authorization@url) are required but not checked on current code. - OAuth param_location isn't conforming to the spec. git-svn-id: https://svn.apache.org/repos/asf/incubator/shindig/trunk@735423 13f79535-47bb-0310-9956-ffa450edef68 --- php/src/gadgets/UserPrefs.php | 2 +- php/src/gadgets/oauth/OAuthService.php | 24 +++++++++++++++--------- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/php/src/gadgets/UserPrefs.php b/php/src/gadgets/UserPrefs.php index a7fa3311..4b02f1d9 100644 --- a/php/src/gadgets/UserPrefs.php +++ b/php/src/gadgets/UserPrefs.php @@ -32,4 +32,4 @@ class UserPrefs { public function getPref($name) { return isset($this->prefs[$name]) ? $this->prefs[$name] : null; } -} \ No newline at end of file +} diff --git a/php/src/gadgets/oauth/OAuthService.php b/php/src/gadgets/oauth/OAuthService.php index bec8d549..701d384b 100644 --- a/php/src/gadgets/oauth/OAuthService.php +++ b/php/src/gadgets/oauth/OAuthService.php @@ -35,23 +35,29 @@ class OAuthService { public function __construct($service) { $attrs = $service->attributes(); $this->name = (string)$attrs['name']; - $this->requestUrl = $this->parseEndPoint($service->Request->attributes()); - $this->authorizationUrl = $this->parseEndPoint($service->Authorization->attributes()); - $this->accessUrl = $this->parseEndPoint($service->Access->attributes()); + if (isset($service->Request)) { + $this->requestUrl = $this->parseEndPoint($service->Request->attributes()); + } + if (isset($service->Authorization)) { + $this->authorizationUrl = $this->parseEndPoint($service->Authorization->attributes()); + } + if (isset($service->Access)) { + $this->accessUrl = $this->parseEndPoint($service->Access->attributes()); + } } private function parseEndPoint($element) { - $url = (string)$element[OAuthService::$URL_ATTR]; + $url = trim((string)$element[OAuthService::$URL_ATTR]); if (empty($url)) { throw new SpecParserException("Not an HTTP url"); } $location = Location::$header; - $locationString = (string)$element[OAuthService::$PARAM_LOCATION_ATTR]; + $locationString = trim((string)$element[OAuthService::$PARAM_LOCATION_ATTR]); if (! empty($locationString)) { $location = $locationString; } $method = Method::$GET; - $methodString = (string)$element[OAuthService::$METHOD_ATTR]; + $methodString = trim((string)$element[OAuthService::$METHOD_ATTR]); if (! empty($methodString)) { $method = $methodString; } @@ -88,9 +94,9 @@ class Method { * access token, or resource URL. (Lowercase to match gadget spec schema) */ class Location { - public static $header = "header"; - public static $url = "url"; - public static $body = "body"; + public static $header = "auth-header"; + public static $url = "url-query"; + public static $body = "post-body"; } /** -- 2.11.4.GIT