[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Chicken-users] OAuth 1.0 Authorization Header

From: Peter Bex
Subject: Re: [Chicken-users] OAuth 1.0 Authorization Header
Date: Tue, 23 Oct 2012 12:22:01 +0200
User-agent: Mutt/

On Tue, Oct 23, 2012 at 12:20:18AM +0100, Andy Bennett wrote:
> Hi,
> However, this results in my OAuth Authorization header looking like this:
> -----
> Authorization: Oauth oauth_signat...
> -----
> ...and this causes at least Dropbox's OAuth implementation to complain
> that the OAuth request is invalid.

Which is broken behavior.  It's probably best to also report this as a
bug with Dropbox (but still we might need to fix it ourselves too).

> To work around this I have patched my copy of the intarweb egg thusly:
> (sorry if it doesn't copy/paste well)
> -----
> diff -upr intarweb.orig/header-parsers.scm intarweb/header-parsers.scm
> --- intarweb.orig/header-parsers.scm    2012-10-23 00:09:28.266118261 +0100
> +++ intarweb/header-parsers.scm 2012-10-23 00:05:39.071326856 +0100
> @@ -823,7 +823,7 @@
>                                      (authorization-param-subunparsers)
>                                      eq? default-unparser))
>                 (unparsed-value (sprintf "~A ~A"
> -                                        (symbol->http-name auth-scheme)
> +                                        (symbol->string auth-scheme)
>                                          (unparser (get-params (car
> headers))))))
>            (loop (cdr headers) (cons unparsed-value result))))))
> -----
> This preserves the case of the symbol passed in by the API user.

Yeah, but this is still ugly.  You'd generally want to use an
all-lowercase symbol 'oauth in Chicken (and also to preserve read/write
invariance; it will be normally be down-cased upon read).  So perhaps
the only way to do this is to override the entire authorization unparser
with one that has a special case for the OAuth auth-scheme...

Yes, HTTP is an evil ugly mess which people tend to fuck up worse as
time goes by.  I just can't *wait* for the fun that is HTTP Bis.

"The process of preparing programs for a digital computer
 is especially attractive, not only because it can be economically
 and scientifically rewarding, but also because it can be an aesthetic
 experience much like composing poetry or music."
                                                        -- Donald Knuth

reply via email to

[Prev in Thread] Current Thread [Next in Thread]