OAuthV1 base string - parameters encoding

[cedel1]

Hello,

while trying to figure out issue mautic/mautic#1323 I think I tracked the problem to this library and may have found a bug. Would you please be so kind as to check the info below?

I think the library may miss query parameters key and value encoding as per https://tools.ietf.org/html/rfc5849#section-3.4.1.3.2 point, point 1., which leads to problems when the library is used to authenticate a request, that contains query parameter key or value, that contains special characters (like : or @).

The following commits solve the problem for me - it should not affect the behavior for requests without special chars. Would you accept them as pull request?

cedel1@76286a4
cedel1@c74f654

[alanhartless]

I agree - definitely a bug upstream. We are weighing our options to determine what we need to do. I'm not sure he's developing that library anymore so we may have to fork it.

[alanhartless]

whoops - wrong issue :-/ sorry!

[willdurand]

@alanhartless nope I don't develop it anymore, but I can give you admin rights to the repo if you want to maintain the lib (which would be super great!)

[alanhartless]

I'd be honored to! Thanks!
On Thu, Aug 18, 2016 at 12:57 William Durand notifications@github.com
wrote:

@alanhartless https://github.com/alanhartless nope I don't develop it
anymore, but I can give you admin rights to the repo if you want to
maintain the lib (which would be super great!)

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#31 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAD3UCAg6NVhM0sa3iKfNqjsGBbGzoGlks5qhJ0JgaJpZM4IpUk3
.