summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthew Wood <matthew.d.wood@intel.com>2009-04-15 11:13:57 +0100
committerRoss Burton <ross@linux.intel.com>2009-04-15 11:16:37 +0100
commit697f72b836e5aa9a71c224c14d6d2a5079ded2c4 (patch)
tree2d1a5ea97621a73ba90ce7a7ce2b806da42e645b
parentffbeac5e6c7eeb6741f9731b85caea02c8df1ea2 (diff)
downloadlibrest-697f72b836e5aa9a71c224c14d6d2a5079ded2c4.tar.gz
Use correct encoding in HMAC-SHA1 signatures
Diffstat
-rw-r--r--rest/oauth-proxy-call.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/rest/oauth-proxy-call.c b/rest/oauth-proxy-call.c
index dcea294..22ff07b 100644
--- a/rest/oauth-proxy-call.c
+++ b/rest/oauth-proxy-call.c
@@ -90,20 +90,26 @@ sign_hmac (OAuthProxy *proxy, RestProxyCall *call)
{
OAuthProxyPrivate *priv;
RestProxyCallPrivate *callpriv;
- char *key, *signature;
+ char *key, *signature, *ep, *eep;
GString *text;
priv = PROXY_GET_PRIVATE (proxy);
callpriv = call->priv;
- key = g_strdup_printf ("%s&%s", priv->consumer_secret, priv->token_secret ?: "");
+ /* PLAINTEXT signature value is the HMAC-SHA1 key value */
+ key = sign_plaintext (priv);
text = g_string_new (NULL);
g_string_append (text, rest_proxy_call_get_method (REST_PROXY_CALL (call)));
g_string_append_c (text, '&');
g_string_append_uri_escaped (text, callpriv->url, NULL, FALSE);
g_string_append_c (text, '&');
- g_string_append (text, soup_uri_encode (encode_params (callpriv->params), "&="));
+
+ ep = encode_params (callpriv->params);
+ eep = OAUTH_ENCODE_STRING (ep);
+ g_string_append (text, eep);
+ g_free (ep);
+ g_free (eep);
signature = hmac_sha1 (key, text->str);
View Lorry Controller Status