Query string is altered when there's multiple entries with the same key

Question

Query string is altered when there's multiple entries with the same key

Opened this issue a year ago · 0 comments

Issue is shown when using the following snippet:

import * as OAuth from 'oauth';
const manager = new OAuth.OAuth('', '', 'key', 'secret', '1.0', () => {}, 'HMAC-SHA1');
manager.signUrl('https://example.com?query=a&query=b')

I get the following result:

https://example.com/?oauth_consumer_key=key&oauth_nonce=<nonce>&oauth_signature_method=HMAC-SHA1&oauth_timestamp=<timetamp>&oauth_version=1.0&query[0]=a&query[1]=b&oauth_signature=<signature>

The problem is that [0] and [1] are added where they did not exist before. The issues with this are:

the OAuth provider may not support array indexing using brackets so even URL encoding them will not work in this case (e.g. old .NET services might not, I have not personally encountered this but I know it is a possibility).
these brackets do not work in Tomcat 8.5+ because they are not allowable characters based on RFC 7230 and RFC 3986 there's also a stackoveflow issue about this (this issue I have personally encountered after an OAuth service I rely on upgraded their Tomcat server).

Ideally this library should not modify the parts of the input url, only add the additional OAuth fields.