Invalid Exception in function requestToken of OauthServer
Opened this issue · 2 comments
GoogleCodeExporter commented
What steps will reproduce the problem?
1. One user requests the token with a wrong timestamp
(> MAX(osn_timestamp) + max_timestamp_skew).
2. All other users receive the exception "Timestamp is out of sequence".
What is the expected output? What do you see instead?
The expected output is the token; the library returns an exception instead.
What version of the product are you using? On what operating system?
175
Please provide any additional information below.
When a user requests the token, the library checks the server nonce, but the user
doesn't have it yet. In the SQL table of the server nonce, a row appears with a
nonce 0.
All other users, during the login action, have the same token (0), and one wrong
timestamp makes it impossible for all of them to request the initial token.
Original issue reported on code.google.com by vittorio...@nealab.it
on 17 May 2011 at 2:55
GoogleCodeExporter commented
I have fixed this bug by adding if($this->getParam('oauth_token')) before
$this->store->checkServerNonce( $this->urldecode($consumer_key),
    $this->urldecode($token),
    $this->getParam('oauth_timestamp', true),
    $this->getParam('oauth_nonce', true));
in function verifyExtended (class OauthRequestVerifier)
Original comment by vittorio...@nealab.it
on 17 May 2011 at 3:27
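An added example, not part of the original thread and not oauth-php's own code: a simplified in-memory model of the check described above, showing how one far-future timestamp in the shared token-0 bucket blocks later request-token calls, and how bounding timestamps by the server clock (a hardening that goes beyond the posted fix) avoids it. The names NonceStore, check, attempt and MAX_SKEW, the skew value and the sample times are assumptions.

```php
<?php
// Simplified in-memory model of the nonce check described in this thread.
// Assumption: NonceStore, check(), attempt() and MAX_SKEW are hypothetical names.
final class NonceStore
{
    const MAX_SKEW = 600;   // seconds, constructed value
    private $maxTs = [];    // "consumer|token" => highest timestamp seen
    private $seen  = [];    // "consumer|token|timestamp|nonce" => true

    public function check(string $consumer, string $token, int $ts, string $nonce, ?int $now = null): void
    {
        // Added hardening (not on the page): compare against the server clock first.
        if ($now !== null && abs($now - $ts) > self::MAX_SKEW) {
            throw new RuntimeException('Timestamp too far from server time');
        }
        $key = "$consumer|$token";
        if (isset($this->maxTs[$key]) && $this->maxTs[$key] > $ts + self::MAX_SKEW) {
            throw new RuntimeException('Timestamp is out of sequence');
        }
        $id = "$key|$ts|$nonce";
        if (isset($this->seen[$id])) {
            throw new RuntimeException('Duplicate timestamp/nonce');
        }
        $this->seen[$id]   = true;
        $this->maxTs[$key] = max($this->maxTs[$key] ?? $ts, $ts);
    }
}

function attempt(NonceStore $s, string $token, int $ts, string $nonce, ?int $now = null): string
{
    try {
        $s->check('consumer-1', $token, $ts, $nonce, $now);
        return 'accepted';
    } catch (RuntimeException $e) {
        return 'rejected: ' . $e->getMessage();
    }
}

$now = 1305600000; // constructed server time

// Case 1: no clock bound. Request-token calls carry no token, so all share bucket "0".
$shared = new NonceStore();
echo attempt($shared, '0', $now + 86400, 'a1'), "\n"; // client whose clock is a day ahead
echo attempt($shared, '0', $now, 'b1'), "\n";         // next client, correct clock

// Case 2: same two requests, with the server clock passed in.
$bounded = new NonceStore();
echo attempt($bounded, '0', $now + 86400, 'a1', $now), "\n";
echo attempt($bounded, '0', $now, 'b1', $now), "\n";
```

In case 1 the second client is rejected with "Timestamp is out of sequence" because the first request raised the shared maximum; in case 2 the skewed request is rejected up front and the second client is accepted. The guard posted above avoids the shared bucket by skipping checkServerNonce when no oauth_token is present, which also means those requests get no nonce check.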
GoogleCodeExporter commented
Please fix this! This is a major problem.
(And thanks for the bug fix. Saved my day.)
Original comment by matthias...@gmail.com
on 3 Apr 2012 at 7:47