Mod Porter with Oauth Gem Issues #4

Open
bradly opened this Issue Jul 20, 2009 · 3 comments

Projects

None yet

2 participants

@bradly
bradly commented Jul 20, 2009

When using the Ruby Oauth gem and mod_porter signatures aren't matching. I'm looking into this now, but if anyone has any ideas, that would be great.

Thanks!
Bradly

Collaborator
NZKoz commented Aug 3, 2009

Did you get any further with this?

bradly commented Aug 5, 2009

The Oauth spec allows for not including post parameters in the signature generation when the content-type of the request is multipart/form-data. Mod Porter changes the content-type of uploads to application/x-www-form-urlencoded. This was causing the signatures to not match up. I'm not sure if this is a bug in Mod Porter, but maybe just something that could be noted in the readme. Let me know if there is any other info you need.

Thanks,
Bradly

Collaborator
NZKoz commented Aug 6, 2009

I assume you're only checking oauth signatures for the authentication actions / urls? or do you have to do that for everything. (I know nothing about oauth sorry).

If you can skip the processing for upload actions, perhaps you can just set mod porter's PorterMinSize directive to something high enough it doesn't trigger?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment