API calls to Magento2 would fail with signature invalid errors

[artiomchi]

Expected Behavior

RestSharp should calculate a valid HMAC signature when making OAuth1 api requests

Actual Behavior

Requests would fail if any query string parameters are used, and are passed to Magento in the url field.

Steps to Reproduce the Problem

1. Get Magento2 API OAuth credentials
2. Attempt to make API requests to Magento with query string params
   e.g. to customers/search?searchCriteria[sortOrders][0][field]=created_at&searchCriteria[sortOrders][0][direction]=DESC
3. Request will fail on Magento side with Invalid signature

Specifications

• Version: 106.3.1
• Platform: Windows
• Subsystem:

[artiomchi]

We spent a couple days digging deep, and requests will only fail when a query string is used. If we encode the WHOLE query string (including = and &), the signature becomes valid, but at this point the query string is not actually valid at all (since encoding the above characters makes them part of the query string key, with no value)

e.g. customers/search?searchCriteria%5BsortOrders%5D%5B0%5D%5Bfield%5D%3Dcreated_at%26searchCriteria%5BsortOrders%5D%5B0%5D%5Bdirection%5D%3DDESC will get a valid signature, but the actual query params aren't applied (since that's not how you encode the url 😄)

[alexeyzimarev]

@artiomchi since the PR was merged, do we need to keep this issue open?

[artiomchi]

Oh yeah, I forgot to close this one, thanks