Fixes for issues #20, #22

jrconlin · Sep 29, 2014 · a56e61c · a56e61c
1 parent 73e9a0a
commit a56e61c
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 16 deletions.
diff --git a/js/OAuthSimple.js b/js/OAuthSimple.js
@@ -202,7 +202,7 @@ if (OAuthSimple === undefined)
                 this._secrets.oauth_token = this._secrets.access_token;
                 }
             if (this._secrets['access_secret']) {
-                this._secrets.oauth_secret = this._secrets.access_secret;
+                this._secrets.shared_secret = this._secrets.access_secret;
                 }
             if (this._secrets['oauth_token_secret']) {
                 this._secrets.oauth_secret = this._secrets.oauth_token_secret;
@@ -271,7 +271,7 @@ if (OAuthSimple === undefined)
             return {
                 parameters: this._parameters,
                 signature: this._oauthEscape(this._parameters['oauth_signature']),
-                signed_url: this._path + '?' + this._normalizedParameters(),
+                signed_url: this._path + '?' + normParams,
                 header: this.getHeaderString()
             };
         };
@@ -450,17 +450,20 @@ if (OAuthSimple === undefined)
             return elements.join('&');
         };
 
-        self._generateSignature = function() {
+        self._generateSignature = function(normParams="") {
 
             var secretKey = this._oauthEscape(this._secrets.shared_secret) + '&' +
                 this._oauthEscape(this._secrets.oauth_secret);
             if (this._parameters['oauth_signature_method'] == 'PLAINTEXT')
             {
                 return secretKey;
             }
+            if (normParams == "") {
+                normParams = this._normalizedParameters();
+            }
             if (this._parameters['oauth_signature_method'] == 'HMAC-SHA1')
             {
-                var sigString = this._oauthEscape(this._action) + '&' + this._oauthEscape(this._path) + '&' + this._oauthEscape(this._normalizedParameters());
+                var sigString = this._oauthEscape(this._action) + '&' + this._oauthEscape(this._path) + '&' + this.normParams);
                 return this.b64_hmac_sha1(secretKey, sigString);
             }
             return null;

diff --git a/perl/OAuthSimple.pm b/perl/OAuthSimple.pm
@@ -437,7 +437,7 @@ hash of arguments for the call. Allowed elements are:
         return {
             'parameters' => $this->{_parameters},
             'signature' => $this->_oauthEscape($this->{_parameters}->{oauth_signature}),
-            'signed_url' => $this->{_path} . '?' . $this->_normalizedParameters(),
+            'signed_url' => $this->{_path} . '?' . $normParams,
             'header' => $this->getHeaderString(),
             'sbs'=> $this->{sbs}
             };
@@ -607,6 +607,7 @@ see .sign()
 
     sub _generateSignature {
         my $this=shift;
+        my $normalizedParameters = shift;
         my $secretKey = '';
 
     	if(defined($this->{_secrets}->{shared_secret})) {
@@ -616,10 +617,13 @@ see .sign()
 	    if(defined($this->{_secrets}->{oauth_secret})) {
             $secretKey .= $this->_oauthEscape($this->{_secrets}->{oauth_secret});
         }
+        if (empty($normalizedParameters)) {
+            $normalizedParameters = $this->_normalizedParameters();
+        }
         if ($this->{_parameters}->{oauth_signature_method} eq 'PLAINTEXT') {
             return $secretKey;
         } elsif ($this->{_parameters}->{oauth_signature_method} eq 'HMAC-SHA1') {
-            $this->{sbs} = $this->_oauthEscape($this->{_action}).'&'.$this->_oauthEscape($this->{_path}).'&'.$this->_oauthEscape($this->_normalizedParameters());
+            $this->{sbs} = $this->_oauthEscape($this->{_action}).'&'.$this->_oauthEscape($this->{_path}).'&'.$normalizedParameters;
             # For what it's worth, I prefer long form method calls like this since it identifies the source package.
             return MIME::Base64::encode_base64(Digest::SHA::hmac_sha1($this->{sbs},$secretKey));
         } else {

diff --git a/php/OAuthSimple.php b/php/OAuthSimple.php
@@ -198,11 +198,11 @@ public function signatures ($signatures)
 		}
         if (isset($this->_secrets['access_secret']))
 		{
-            $this->_secrets['oauth_secret'] = $this->_secrets['access_secret'];
+            $this->_secrets['shared_secret'] = $this->_secrets['access_secret'];
         }
-        if (isset($this->_secrets['access_token_secret']))
+        if (isset($this->_secrets['oauth_token_secret']))
 		{
-            $this->_secrets['oauth_secret'] = $this->_secrets['access_token_secret'];
+            $this->_secrets['oauth_secret'] = $this->_secrets['oauth_token_secret'];
 		}
         if (empty($this->_secrets['consumer_key']))
 		{
@@ -289,7 +289,7 @@ public function sign($args=array())
         return Array (
             'parameters' => $this->_parameters,
             'signature' => self::_oauthEscape($this->_parameters['oauth_signature']),
-            'signed_url' => $this->_path . '?' . $this->_normalizedParameters(),
+            'signed_url' => $this->_path . '?' . $normParams,
             'header' => $this->getHeaderString(),
             'sbs'=> $this->sbs
             );
@@ -374,7 +374,7 @@ private static function _oauthEscape($string)
 		}
         $string = rawurlencode($string);
 
-	//FIX: rawurlencode of ~ 
+	    //FIX: rawurlencode of ~ 
        	$string = str_replace('%7E','~', $string);
        	$string = str_replace('+','%20',$string);
         $string = str_replace('!','%21',$string);
@@ -477,7 +477,7 @@ private function _normalizedParameters()
     }
 
 
-    private function _generateSignature () 
+    private function _generateSignature ($parameters="") 
     {
         $secretKey = '';
 		if(isset($this->_secrets['shared_secret']))
@@ -489,13 +489,16 @@ private function _generateSignature ()
 		if(isset($this->_secrets['oauth_secret']))
 		{
             $secretKey .= self::_oauthEscape($this->_secrets['oauth_secret']);
-		}
+        }
+        if(empty($parameters)){
+            $parameters = $this->_normalizedParameters();
+        }
         switch($this->_parameters['oauth_signature_method'])
         {
             case 'PLAINTEXT':
                 return urlencode($secretKey);;
             case 'HMAC-SHA1':
-                $this->sbs = self::_oauthEscape($this->_action).'&'.self::_oauthEscape($this->_path).'&'.self::_oauthEscape($this->_normalizedParameters());
+                $this->sbs = self::_oauthEscape($this->_action).'&'.self::_oauthEscape($this->_path).'&'.$parameters;
 
                 return base64_encode(hash_hmac('sha1',$this->sbs,$secretKey,TRUE));
             default:

diff --git a/python/OAuthSimple/OAuthSimple.py b/python/OAuthSimple/OAuthSimple.py
@@ -125,7 +125,7 @@ def sign(self, args={}):
                 'signature': self._oauthEscape(
                     self._parameters['oauth_signature']),
                 'signed_url': '%s?%s' % (self._path,
-                    self._normalizeParameters()),
+                    normParamString),
                 'header': self.getHeaderString(),
                 'sbs': self.sbs}
 
@@ -236,7 +236,7 @@ def _generateSignature(self, normParamString):
         elif (self._parameters['oauth_signature_method'] == 'HMAC-SHA1'):
             self.sbs = '&'.join([self._oauthEscape(self._action),
                                 self._oauthEscape(self._path),
-                                self._oauthEscape(normParamString)])
+                                normParamString])
         return base64.b64encode(hmac.new(secretKey,
                                 self.sbs,
                                 hashlib.sha1).digest())