Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Add two-legged auth support

Adds two legged auth support by being smarter about picking up auth parameters from the request or building them on the fly.

Fixes the broken behavior of adding all parameters to the Authorization header
  • Loading branch information...
commit abc1b78a85ce48d3306ccee70ee4190a9da9c3b0 1 parent 711fab4
Marc Nijdam authored February 21, 2013

Showing 1 changed file with 23 additions and 9 deletions. Show diff stats Hide diff stats

  1. 32  AFOAuth1Client/AFOAuth1Client.m
32  AFOAuth1Client/AFOAuth1Client.m
@@ -327,19 +327,33 @@ - (NSMutableURLRequest *)requestWithMethod:(NSString *)method
327 327
                                       path:(NSString *)path
328 328
                                 parameters:(NSDictionary *)parameters
329 329
 {
  330
+    NSMutableDictionary *authParameters = [NSMutableDictionary dictionary];
330 331
     NSMutableDictionary *mutableParameters = parameters ? [parameters mutableCopy] : [NSMutableDictionary dictionary];
331  
-
332  
-    if (self.accessToken) {
333  
-        [mutableParameters addEntriesFromDictionary:[self OAuthParameters]];
334  
-        [mutableParameters setValue:self.accessToken.key forKey:@"oauth_token"];
  332
+    
  333
+    // for two legged auth just having a key and secret is enough
  334
+    if (self.key && self.secret) {
  335
+        [authParameters addEntriesFromDictionary:[self OAuthParameters]];
  336
+        if (self.accessToken) {
  337
+            [authParameters setValue:self.accessToken.key forKey:@"oauth_token"];
  338
+        }
335 339
     }
336  
-
337  
-    [mutableParameters setValue:[self OAuthSignatureForMethod:method path:path parameters:mutableParameters token:self.accessToken] forKey:@"oauth_signature"];
338  
-
  340
+    
  341
+    // allow oauth parameters to override and extend authparameters in case this is one of the
  342
+    // three legged auth step
  343
+    [mutableParameters enumerateKeysAndObjectsUsingBlock:^(id key, id obj, BOOL *stop) {
  344
+        if ([key isKindOfClass:[NSString class]] && [key hasPrefix:@"oauth_"]) {
  345
+            [authParameters setValue:obj forKey:key];
  346
+        }
  347
+    }];
  348
+    
  349
+    // re-add all to mutable params for signing
  350
+    [mutableParameters addEntriesFromDictionary:authParameters];
  351
+    [authParameters setValue:[self OAuthSignatureForMethod:method path:path parameters:mutableParameters token:self.accessToken] forKey:@"oauth_signature"];
  352
+    
339 353
     NSMutableURLRequest *request = [super requestWithMethod:method path:path parameters:parameters];
340  
-    [request setValue:[self authorizationHeaderForParameters:mutableParameters] forHTTPHeaderField:@"Authorization"];
  354
+    [request setValue:[self authorizationHeaderForParameters:authParameters] forHTTPHeaderField:@"Authorization"];
341 355
     [request setHTTPShouldHandleCookies:NO];
342  
-
  356
+    
343 357
     return request;
344 358
 }
345 359
 

0 notes on commit abc1b78

Please sign in to comment.
Something went wrong with that request. Please try again.