From: Christian Weiske <cweiske@cweiske.de>
Date: Fri, 26 Sep 2014 09:08:05 +0000 (+0200)
Subject: Fix oauth problem with tomdroid.
X-Git-Tag: v0.2.0~11
X-Git-Url: https://git.cweiske.de/grauphel.git/commitdiff_plain/13b040be9828997d4352f05c8464b86f6effd9f9?hp=f1db8976591ace3a1879ddd1217ed22bdca82dc2

Fix oauth problem with tomdroid.

Tomdroid[0] uses signpost[1] as oauth library. This lib detected our server
as OAuth 1.0 and not 1.0a because callback_confirmed was "TRUE" instead of
"true".
OAuth 1.0 does not have the verifier parameter, so it was ignored and not
sent to our server.

The OAuth RFC 5849 specifies in section 2.1:

  oauth_callback_confirmed
    MUST be present and set to "true".

TRUE is not true, so we failed to implement the spec correctly.

[0] https://launchpad.net/tomdroid
[1] https://github.com/mttkay/signpost
---

diff --git a/controller/oauthcontroller.php b/controller/oauthcontroller.php
index 29198bc..8672927 100644
--- a/controller/oauthcontroller.php
+++ b/controller/oauthcontroller.php
@@ -251,7 +251,7 @@ class OauthController extends Controller
                 array(
                     'oauth_token'              => $token->tokenKey,
                     'oauth_token_secret'       => $token->secret,
-                    'oauth_callback_confirmed' => 'TRUE'
+                    'oauth_callback_confirmed' => 'true'
                 )
             );
         } catch (OAuthException $e) {