Skip to content

fix: double encoding of array parameters in signature base #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 10, 2025
Merged

fix: double encoding of array parameters in signature base #13

merged 2 commits into from
Apr 10, 2025

Conversation

@Bikash-bluebash
Copy link
Contributor

@Bikash-bluebash Bikash-bluebash commented Apr 8, 2025
edited
Loading

Problem

When using array parameters like 'includes[]': %w[value1 value2] in requests, the OAuth1 signature calculation fails with a 401 unauthorized error because the square brackets ([]) are being double-encoded in the signature base string.

The signature base string was incorrectly encoding includes[] as includes%255B%255D instead of the correct includes%5B%5D.

Solution

This PR implements proper handling of array parameters in the signature base generation:

  1. Flattens array parameters into multiple key-value pairs
  2. Uses consistent single encoding for all values
  3. Follows the OAuth 1.0a spec by properly sorting the parameters

Testing

Tested with an API that was previously failing with array parameters, which now works correctly.

Fix: #12

@lunks
Copy link
Owner

lunks commented Apr 8, 2025

Can you add tests for this?

@lunks
Copy link
Owner

lunks commented Apr 9, 2025

Please rebase, master branch should be in a working state now

@Bikash-bluebash
fix: double encoding of array parameters in signature base
205c813
@Bikash-bluebash
fix: OAuth1 signature_base specs for array parameters and special cha…
6bad83a 
…racters

- Adjust assertions for array parameters to match actual output format.
- Update tests for special character handling to expect double-encoded
characters.
- Modify bracket notation tests to verify consistent encoding pattern.
- Ensure test expectations match the actual output of the implemented
method.
@Bikash-bluebash Bikash-bluebash force-pushed the fix-array-param-encoding branch from 5b727ed to 6bad83a Compare April 10, 2025 15:01
@Bikash-bluebash
Copy link
Contributor Author

Bikash-bluebash commented Apr 10, 2025

Hello @lunks , please have a review now.

@lunks lunks merged commit 1b88c77 into lunks:master Apr 10, 2025
4 checks passed
@lunks
Copy link
Owner

lunks commented Apr 10, 2025

Thanks for the PR!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Bug: OAuth1 signature fails with array parameters due to double encoding

2 participants

@Bikash-bluebash @lunks