We were also skipping over the intermediate error from the provider's fetchAuthorizationInformation(), which will cause an (incorrect) error about the provider interface.
…mation() We weren't checking the err response before. This patch adds a quick check and a call to the authorize_provider if there's an error.
…allback The authenticateUser() method of the OAuthServices class was returning the results of provider.authenticateUser() instead of provider.associateTokenToUser(). This gives incorrect results if associateTokenToUser() doesn't return the identical object (the in-memory provider does, which is probably why this doesn't come up). This patch changes the function so that if associateTokenToUser() returns a non-identical object (say, if you use a database) you get the most up-to-date object back.
…nsumer Per Issue #97, the tokenByConsumer() method assumes only a single request token per client application. This would prevent two users from authorizing the same app at the same time -- unfortunate! This patch creates a new OAuthDataProvider method, tokenByTokenAndConsumer(), which retrieves the full value based on both the token and the consumer_key. Providers that already implement tokenByConsumer() should continue working, but newer apps can ignore it and implement the newer method.
I also changed the indent of verifyToken so it hopefully won't happen again.
…ation/x-www-form-urlencoded Fixes Issue #91. We only consider body attributes as parameters if they're actually parameters per http://tools.ietf.org/html/rfc5849#section-18.104.22.168.
…sumerKey() Fix for issue #89.
…tionally the user's email address)
…t a dev account)