ericjohnson/twitter-xauth

cannot authenticate when username is an email

Closed this issue · 2 comments

hi eric,

thank you for your hard work.

i am encountering an issue when the username field is an email address, specifically it has the @ sign.
this prevents authentication against an xauth server. if i try the client with a username that has no @ sign - it works fine.

when browsing through the code i see that the username field is being urlencoded, however, for some reason the client is not generating the right signature.

best wishes,

~nir.

xAuth does accept email addresses. Your POST body by definition needs to be URL-escaped, and when you generate your signature base string you'll be URL encoding the URL-encoded values again. So you need to modify the baseString function to urlEncode the username and password again like below.

```objc
// Signature base string: the POST body values are already URL-escaped once,
// so the username and password are URL-encoded again here.
if (state == TwitterXAuthStateAuthorize)
    params = [params arrayByAddingObjectsFromArray:[NSArray arrayWithObjects:
        [NSString stringWithFormat:@"%@%%3D%@", @"x_auth_mode", x_auth_mode],
        [NSString stringWithFormat:@"%@%%3D%@", @"x_auth_password", [x_auth_password urlEncode]],
        [NSString stringWithFormat:@"%@%%3D%@", @"x_auth_username", [x_auth_username urlEncode]],
        nil]];
```

thanks for your comment, this solves the problem.
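The double encoding described in the reply above, as an added Python example that is not part of the thread or of the twitter-xauth code. It compares an OAuth 1.0 (RFC 5849) base string with one hand-built in the `key%3Dvalue` style shown above; the endpoint URL, keys, and credentials are constructed sample values.

```python
import base64, hashlib, hmac
from urllib.parse import quote

def pct(s):
    """Percent-encode as OAuth 1.0 requires: only unreserved characters stay."""
    return quote(s, safe="-._~")

def rfc_base_string(method, url, params):
    """Encode each key and value, sort, join, then encode the joined string again."""
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return f"{method.upper()}&{pct(url)}&{pct(normalized)}"

def hand_built_base_string(method, url, params, encodes=2):
    """Write '=' and '&' pre-encoded (%3D, %26), as in the snippet above.
    Each value then has to be encoded `encodes` times by hand."""
    parts = []
    for k in sorted(params):
        v = params[k]
        for _ in range(encodes):
            v = pct(v)
        parts.append(f"{k}%3D{v}")
    return f"{method.upper()}&{pct(url)}&{'%26'.join(parts)}"

def sign(base, consumer_secret, token_secret=""):
    """HMAC-SHA1 signature over the base string."""
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    return base64.b64encode(hmac.new(key, base.encode(), hashlib.sha1).digest()).decode()

URL = "https://api.example.com/oauth/access_token"  # constructed endpoint

def xauth_params(username, password):
    """Constructed xAuth request parameters (fixed nonce/timestamp for repeatability)."""
    return {
        "oauth_consumer_key": "constructed-key",
        "oauth_nonce": "abc123",
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": "1300000000",
        "oauth_version": "1.0",
        "x_auth_mode": "client_auth",
        "x_auth_password": password,
        "x_auth_username": username,
    }

if __name__ == "__main__":
    p = xauth_params("user@example.com", "secret")
    for n in (1, 2):
        base = hand_built_base_string("POST", URL, p, encodes=n)
        print(n, base == rfc_base_string("POST", URL, p), sign(base, "constructed-secret"))
```

A username made only of unreserved characters encodes to itself, so the single-encoded base string happens to be correct for it; that is why the failure only shows up once the username contains `@`.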