Replace the content type with correct one
The content type `application/x-www-urlformencoded` used in OAuth1 extension is not spelled correctly, the correct one should be `application/x-www-form-urlencoded` according to W3C recommendation [1] and implementaion in oauth1 lib [2]. [1] https://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.1 [2] https://github.com/idan/oauthlib/blob/master/oauthlib/oauth1/rfc5849/__init__.py#L39 Change-Id: I9ead0a633e3801f5150685c44b1174d3b4dc408c
This commit is contained in:
parent
b26200beb8
commit
72b274defc
@ -260,7 +260,7 @@ class OAuthControllerV3(controller.V3Controller):
|
||||
expiry_bit = '&oauth_expires_at=%s' % token_ref['expires_at']
|
||||
result += expiry_bit
|
||||
|
||||
headers = [('Content-Type', 'application/x-www-urlformencoded')]
|
||||
headers = [('Content-Type', 'application/x-www-form-urlencoded')]
|
||||
response = wsgi.render_response(
|
||||
result,
|
||||
status=(http_client.CREATED,
|
||||
@ -341,7 +341,7 @@ class OAuthControllerV3(controller.V3Controller):
|
||||
expiry_bit = '&oauth_expires_at=%s' % (token_ref['expires_at'])
|
||||
result += expiry_bit
|
||||
|
||||
headers = [('Content-Type', 'application/x-www-urlformencoded')]
|
||||
headers = [('Content-Type', 'application/x-www-form-urlencoded')]
|
||||
response = wsgi.render_response(
|
||||
result,
|
||||
status=(http_client.CREATED,
|
||||
|
@ -268,7 +268,7 @@ class OAuthFlowTests(OAuth1Tests):
|
||||
self.project_id)
|
||||
content = self.post(
|
||||
url, headers=headers,
|
||||
response_content_type='application/x-www-urlformencoded')
|
||||
response_content_type='application/x-www-form-urlencoded')
|
||||
credentials = _urllib_parse_qs_text_keys(content.result)
|
||||
request_key = credentials['oauth_token'][0]
|
||||
request_secret = credentials['oauth_token_secret'][0]
|
||||
@ -287,7 +287,7 @@ class OAuthFlowTests(OAuth1Tests):
|
||||
self.request_token)
|
||||
content = self.post(
|
||||
url, headers=headers,
|
||||
response_content_type='application/x-www-urlformencoded')
|
||||
response_content_type='application/x-www-form-urlencoded')
|
||||
credentials = _urllib_parse_qs_text_keys(content.result)
|
||||
access_key = credentials['oauth_token'][0]
|
||||
access_secret = credentials['oauth_token_secret'][0]
|
||||
@ -544,7 +544,7 @@ class AuthTokenTests(object):
|
||||
self.project_id)
|
||||
content = self.post(
|
||||
url, headers=headers,
|
||||
response_content_type='application/x-www-urlformencoded')
|
||||
response_content_type='application/x-www-form-urlencoded')
|
||||
credentials = _urllib_parse_qs_text_keys(content.result)
|
||||
request_key = credentials['oauth_token'][0]
|
||||
request_secret = credentials['oauth_token_secret'][0]
|
||||
@ -647,7 +647,7 @@ class MaliciousOAuth1Tests(OAuth1Tests):
|
||||
url, headers = self._create_request_token(consumer, self.project_id)
|
||||
self.post(
|
||||
url, headers=headers,
|
||||
response_content_type='application/x-www-urlformencoded')
|
||||
response_content_type='application/x-www-form-urlencoded')
|
||||
url = self._authorize_request_token(uuid.uuid4().hex)
|
||||
body = {'roles': [{'id': self.role_id}]}
|
||||
self.put(url, body=body, expected_status=http_client.NOT_FOUND)
|
||||
@ -678,7 +678,7 @@ class MaliciousOAuth1Tests(OAuth1Tests):
|
||||
url, headers = self._create_request_token(consumer, self.project_id)
|
||||
content = self.post(
|
||||
url, headers=headers,
|
||||
response_content_type='application/x-www-urlformencoded')
|
||||
response_content_type='application/x-www-form-urlencoded')
|
||||
credentials = _urllib_parse_qs_text_keys(content.result)
|
||||
request_key = credentials['oauth_token'][0]
|
||||
request_secret = credentials['oauth_token_secret'][0]
|
||||
@ -704,7 +704,7 @@ class MaliciousOAuth1Tests(OAuth1Tests):
|
||||
url, headers = self._create_request_token(consumer, self.project_id)
|
||||
content = self.post(
|
||||
url, headers=headers,
|
||||
response_content_type='application/x-www-urlformencoded')
|
||||
response_content_type='application/x-www-form-urlencoded')
|
||||
credentials = _urllib_parse_qs_text_keys(content.result)
|
||||
request_key = credentials['oauth_token'][0]
|
||||
|
||||
@ -728,7 +728,7 @@ class MaliciousOAuth1Tests(OAuth1Tests):
|
||||
self.project_id)
|
||||
content = self.post(
|
||||
url, headers=headers,
|
||||
response_content_type='application/x-www-urlformencoded')
|
||||
response_content_type='application/x-www-form-urlencoded')
|
||||
credentials = _urllib_parse_qs_text_keys(content.result)
|
||||
request_key = credentials['oauth_token'][0]
|
||||
request_secret = credentials['oauth_token_secret'][0]
|
||||
@ -751,7 +751,7 @@ class MaliciousOAuth1Tests(OAuth1Tests):
|
||||
self.project_id)
|
||||
content = self.post(
|
||||
url, headers=headers,
|
||||
response_content_type='application/x-www-urlformencoded')
|
||||
response_content_type='application/x-www-form-urlencoded')
|
||||
credentials = _urllib_parse_qs_text_keys(content.result)
|
||||
request_key = credentials['oauth_token'][0]
|
||||
request_secret = credentials['oauth_token_secret'][0]
|
||||
@ -768,7 +768,7 @@ class MaliciousOAuth1Tests(OAuth1Tests):
|
||||
self.request_token)
|
||||
content = self.post(
|
||||
url, headers=headers,
|
||||
response_content_type='application/x-www-urlformencoded')
|
||||
response_content_type='application/x-www-form-urlencoded')
|
||||
credentials = _urllib_parse_qs_text_keys(content.result)
|
||||
access_key = credentials['oauth_token'][0]
|
||||
access_secret = credentials['oauth_token_secret'][0]
|
||||
@ -852,7 +852,7 @@ class OAuthNotificationTests(OAuth1Tests,
|
||||
self.project_id)
|
||||
content = self.post(
|
||||
url, headers=headers,
|
||||
response_content_type='application/x-www-urlformencoded')
|
||||
response_content_type='application/x-www-form-urlencoded')
|
||||
credentials = _urllib_parse_qs_text_keys(content.result)
|
||||
request_key = credentials['oauth_token'][0]
|
||||
request_secret = credentials['oauth_token_secret'][0]
|
||||
@ -881,7 +881,7 @@ class OAuthNotificationTests(OAuth1Tests,
|
||||
self.request_token)
|
||||
content = self.post(
|
||||
url, headers=headers,
|
||||
response_content_type='application/x-www-urlformencoded')
|
||||
response_content_type='application/x-www-form-urlencoded')
|
||||
credentials = _urllib_parse_qs_text_keys(content.result)
|
||||
access_key = credentials['oauth_token'][0]
|
||||
access_secret = credentials['oauth_token_secret'][0]
|
||||
|
@ -0,0 +1,6 @@
|
||||
---
|
||||
other:
|
||||
- >
|
||||
The response's content type for creating request token or access token
|
||||
is changed to `application/x-www-form-urlencoded`, the old value
|
||||
`application/x-www-urlformencoded` is invalid and will no longer be used.
|
Loading…
Reference in New Issue
Block a user