From: Christian Weiske <cweiske@cweiske.de>
Date: Fri, 26 Sep 2014 09:08:05 +0000 (+0200)
Subject: Fix oauth problem with tomdroid.
X-Git-Tag: v0.2.0~11
X-Git-Url: https://git.cweiske.de/grauphel.git/commitdiff_plain/13b040be9828997d4352f05c8464b86f6effd9f9

Fix oauth problem with tomdroid.

Tomdroid[0] uses signpost[1] as oauth library. This lib detected our server
as OAuth 1.0 and not 1.0a because callback_confirmed was "TRUE" instead of
"true".
OAuth 1.0 does not have the verifier parameter, so it was ignored and not
sent to our server.

The OAuth RFC 5849 specifies in section 2.1:

  oauth_callback_confirmed
    MUST be present and set to "true".

TRUE is not true, so we failed to implement the spec correctly.

[0] https://launchpad.net/tomdroid
[1] https://github.com/mttkay/signpost
---

diff --git a/controller/oauthcontroller.php b/controller/oauthcontroller.php
index 29198bc..8672927 100644
--- a/controller/oauthcontroller.php
+++ b/controller/oauthcontroller.php
@@ -251,7 +251,7 @@ class OauthController extends Controller
                 array(
                     'oauth_token'              => $token->tokenKey,
                     'oauth_token_secret'       => $token->secret,
-                    'oauth_callback_confirmed' => 'TRUE'
+                    'oauth_callback_confirmed' => 'true'
                 )
             );
         } catch (OAuthException $e) {