Issue #2 resolved

Urlparse and non-http scheme

Vladimir Mihailenco avatarVladimir Mihailenco created an issue

django-oauth relies on urlparse to add parameters to callback url. oauth_provider.models:116:

parts = urlparse.urlparse(self.callback)

This works perfectly until non-http callback supplied. For example, Google Chrome OAuth generates following url, which can not be properly parsed with urlparse:

>>> urlparse.urlparse('chrome-extension://fnaffgdfmcfbjiifjkhbfbnjljaabiaj.com/chrome_ex_oauth.html?q=1')
ParseResult(scheme='chrome-extension', netloc='fnaffgdfmcfbjiifjkhbfbnjljaabiaj.com', path='/chrome_ex_oauth.html?q=1', params='', query='', fragment='')

As you see query is empty here and urlunparse generates URL like this:

.../callback?foo=bar?oauth_verifier=foobar

Possible fix could look like this:

query = 'oauth_verifier=%s' % self.verifier
if '?' in self.callback:
    query = '&' + query
else:
    query = '?' + query
return self.callback + query

Comments (5)

  1. Log in to comment
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.