Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug in calculation of oauth_body_hash parameter. Fix is trivial #2792

Closed
dvishniakov opened this issue Oct 12, 2017 · 1 comment
Closed

Bug in calculation of oauth_body_hash parameter. Fix is trivial #2792

dvishniakov opened this issue Oct 12, 2017 · 1 comment

Comments

@dvishniakov
Copy link
Contributor

dvishniakov commented Oct 12, 2017
edited

Summary

oauth_body_hash parameter is incorrectly calculated

Simplest Example to Reproduce

request({
    method: "POST",
    headers: [
      {
        name: "content-type",
        value: "application/xml"
      }
    ],
    url: "any_valid_url",
    body: "Hello World!",
    oauth: {
      body_hash: true,
      consumer_key: "jisc.ac.uk",
      consumer_secret: "secret",
      transport_method: "header",
    }
  }),

Expected Behavior

oauth_body_hash should be equal to "Lve95gjOVATpfV8EL5X4nxwjKHE"
Have a look at example here: https://tools.ietf.org/id/draft-eaton-oauth-bodyhash-00.html#anchor15
Or using an online tool: https://www.online-convert.com/result/df6e64e9-bc92-4ff3-b849-0c8f003c7e3c

Current Behavior

oauth_body_hash is calculated incorrectly. When using request-debug:

REQUEST make request http://ltiapps.net/test/tc-outcomes.php
{ request: 
   { ...,
     headers: 
      { ...,
        'content-length': 12,
        Authorization: 'OAuth oauth_body_hash="MmVmN2JkZTYwOGNlNTQwNGU5N2Q1ZjA0MmY5NWY4OWYxYzIzMjg3MQ%3D%3D",oauth_signature_method="HMAC-SHA1",..."' },
     body: 'Hello World!' } }

Possible Solution

PR is linked

Context

This issue fails my requests to IMS LTI Outcome service which requires POST requests and body hashes.

@simov FYI
@dvishniakov dvishniakov mentioned this issue Oct 12, 2017
Merged
2 tasks
@dvishniakov
Copy link
Contributor Author

@mikeal any ideas how is it possible to make some progress here? Thanks

simov added a commit that referenced this issue Mar 9, 2018
@simov
Merge pull request #2793 from dvishniakov/2792-oauth_body_hash
0b807c6 
Fixed calculation of oauth_body_hash, issue #2792
@renovate renovate bot mentioned this issue Mar 12, 2018
Merged
This was referenced Mar 19, 2018
Closed
Closed
Closed
Closed
This was referenced Mar 16, 2021
Open
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dvishniakov