Trim whitespace from public key and private key

author Tim Düsterhus <duesterhus@woltlab.com>

Sat, 3 Aug 2013 13:09:48 +0000 (15:09 +0200)

committer Tim Düsterhus <duesterhus@woltlab.com>

Sat, 3 Aug 2013 13:10:48 +0000 (15:10 +0200)
author Tim Düsterhus <duesterhus@woltlab.com>
Sat, 3 Aug 2013 13:09:48 +0000 (15:09 +0200)
committer Tim Düsterhus <duesterhus@woltlab.com>
Sat, 3 Aug 2013 13:10:48 +0000 (15:10 +0200)
diff --git a/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php b/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php

index 02eb938e63e18387bedc9853797b0dac0345f029..aeb1ded5170cde3251d77ef2a26c1cbe778c3031 100644 (file)
--- a/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
+++ b/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
@@ -40,7 +40,7 @@ class FacebookAuthAction extends AbstractAction {
                 if (isset($_GET['code'])) {
                         try {
                                 // fetch access_token
-                               $request = new HTTPRequest('https://graph.facebook.com/oauth/access_token?client_id='.FACEBOOK_PUBLIC_KEY.'&redirect_uri='.rawurlencode($callbackURL).'&client_secret='.FACEBOOK_PRIVATE_KEY.'&code='.rawurlencode($_GET['code']));
+                               $request = new HTTPRequest('https://graph.facebook.com/oauth/access_token?client_id='.StringUtil::trim(FACEBOOK_PUBLIC_KEY).'&redirect_uri='.rawurlencode($callbackURL).'&client_secret='.StringUtil::trim(FACEBOOK_PRIVATE_KEY).'&code='.rawurlencode($_GET['code']));
                                 $request->execute();
                                 $reply = $request->getReply();
                                 
@@ -128,7 +128,7 @@ class FacebookAuthAction extends AbstractAction {
                 // start auth by redirecting to facebook
                 $token = StringUtil::getRandomID();
                 WCF::getSession()->register('__facebookInit', $token);
-               HeaderUtil::redirect("https://www.facebook.com/dialog/oauth?client_id=".FACEBOOK_PUBLIC_KEY. "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=email,user_about_me,user_birthday,user_interests,user_location,user_website");
+               HeaderUtil::redirect("https://www.facebook.com/dialog/oauth?client_id=".StringUtil::trim(FACEBOOK_PUBLIC_KEY). "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=email,user_about_me,user_birthday,user_interests,user_location,user_website");
                 $this->executed();
                 exit;
         }
diff --git a/wcfsetup/install/files/lib/action/GithubAuthAction.class.php b/wcfsetup/install/files/lib/action/GithubAuthAction.class.php

index 6a403bb97055f24f18001fa03e6e878efbca55a4..7ab58ed56f150b0843d83c8fb206032e90cdad13 100644 (file)
--- a/wcfsetup/install/files/lib/action/GithubAuthAction.class.php
+++ b/wcfsetup/install/files/lib/action/GithubAuthAction.class.php
@@ -40,8 +40,8 @@ class GithubAuthAction extends AbstractAction {
                         try {
                                 // fetch access_token
                                 $request = new HTTPRequest('https://github.com/login/oauth/access_token', array(), array(
-                                       'client_id' => GITHUB_PUBLIC_KEY,
-                                       'client_secret' => GITHUB_PRIVATE_KEY,
+                                       'client_id' => StringUtil::trim(GITHUB_PUBLIC_KEY),
+                                       'client_secret' => StringUtil::trim(GITHUB_PRIVATE_KEY),
                                         'code' => $_GET['code']
                                 ));
                                 $request->execute();
@@ -160,7 +160,7 @@ class GithubAuthAction extends AbstractAction {
                 // start auth by redirecting to github
                 $token = StringUtil::getRandomID();
                 WCF::getSession()->register('__githubInit', $token);
-               HeaderUtil::redirect("https://github.com/login/oauth/authorize?client_id=".rawurlencode(GITHUB_PUBLIC_KEY)."&scope=".rawurlencode('user:email')."&state=".$token);
+               HeaderUtil::redirect("https://github.com/login/oauth/authorize?client_id=".rawurlencode(StringUtil::trim(GITHUB_PUBLIC_KEY))."&scope=".rawurlencode('user:email')."&state=".$token);
                 $this->executed();
                 exit;
         }
diff --git a/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php b/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php

index 8122d46be975b12a97d6473fa3288c25f460a0bb..1a553eaf7df7f98813c38d991178eefd0279ca54 100644 (file)
--- a/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php
+++ b/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php
@@ -44,8 +44,8 @@ class GoogleAuthAction extends AbstractAction {
                                 // fetch access_token
                                 $request = new HTTPRequest('https://accounts.google.com/o/oauth2/token', array(), array(
                                         'code' => $_GET['code'],
-                                       'client_id' => GOOGLE_PUBLIC_KEY,
-                                       'client_secret' => GOOGLE_PRIVATE_KEY,
+                                       'client_id' => StringUtil::trim(GOOGLE_PUBLIC_KEY),
+                                       'client_secret' => StringUtil::trim(GOOGLE_PRIVATE_KEY),
                                         'redirect_uri' => $callbackURL,
                                         'grant_type' => 'authorization_code'
                                 ));
@@ -138,7 +138,7 @@ class GoogleAuthAction extends AbstractAction {
                 // start auth by redirecting to google
                 $token = StringUtil::getRandomID();
                 WCF::getSession()->register('__googleInit', $token);
-               HeaderUtil::redirect("https://accounts.google.com/o/oauth2/auth?client_id=".rawurlencode(GOOGLE_PUBLIC_KEY). "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=https://www.googleapis.com/auth/userinfo.profile+https://www.googleapis.com/auth/userinfo.email&response_type=code");
+               HeaderUtil::redirect("https://accounts.google.com/o/oauth2/auth?client_id=".rawurlencode(StringUtil::trim(GOOGLE_PUBLIC_KEY)). "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=https://www.googleapis.com/auth/userinfo.profile+https://www.googleapis.com/auth/userinfo.email&response_type=code");
                 $this->executed();
                 exit;
         }
diff --git a/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php b/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php

index 17824e4343c1f17c9a5f86e51fa6cf2a4ec6e410..6e4e47d588d50a902494aa3fe562e171ef1bcd47 100644 (file)
--- a/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php
+++ b/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php
@@ -46,7 +46,7 @@ class TwitterAuthAction extends AbstractAction {
                         try {
                                 // fetch access_token
                                 $oauthHeader = array(
-                                       'oauth_consumer_key' => TWITTER_PUBLIC_KEY,
+                                       'oauth_consumer_key' => StringUtil::trim(TWITTER_PUBLIC_KEY),
                                         'oauth_nonce' => StringUtil::getRandomID(),
                                         'oauth_signature_method' => 'HMAC-SHA1',
                                         'oauth_timestamp' => TIME_NOW,
@@ -147,7 +147,7 @@ class TwitterAuthAction extends AbstractAction {
                         ));
                         $oauthHeader = array(
                                 'oauth_callback' => $callbackURL,
-                               'oauth_consumer_key' => TWITTER_PUBLIC_KEY,
+                               'oauth_consumer_key' => StringUtil::trim(TWITTER_PUBLIC_KEY),
                                 'oauth_nonce' => StringUtil::getRandomID(),
                                 'oauth_signature_method' => 'HMAC-SHA1',
                                 'oauth_timestamp' => TIME_NOW,
@@ -218,7 +218,7 @@ class TwitterAuthAction extends AbstractAction {
                 }
                 
                 $base = "POST&".rawurlencode($url)."&".rawurlencode($parameterString);
-               $key = rawurlencode(TWITTER_PRIVATE_KEY).'&'.rawurlencode($tokenSecret);
+               $key = rawurlencode(StringUtil::trim(TWITTER_PRIVATE_KEY)).'&'.rawurlencode($tokenSecret);
                 
                 return base64_encode(hash_hmac('sha1', $base, $key, true));
         }
@@ -244,4 +244,4 @@ class TwitterAuthAction extends AbstractAction {
                 $user = new User($row['userID']);
                 return $user;
         }
-}
+}
+\ No newline at end of file
author	Tim Düsterhus <duesterhus@woltlab.com>
	Sat, 3 Aug 2013 13:09:48 +0000 (15:09 +0200)
committer	Tim Düsterhus <duesterhus@woltlab.com>
	Sat, 3 Aug 2013 13:10:48 +0000 (15:10 +0200)
wcfsetup/install/files/lib/action/FacebookAuthAction.class.php		patch \| blob \| blame \| history
wcfsetup/install/files/lib/action/GithubAuthAction.class.php		patch \| blob \| blame \| history
wcfsetup/install/files/lib/action/GoogleAuthAction.class.php		patch \| blob \| blame \| history
wcfsetup/install/files/lib/action/TwitterAuthAction.class.php		patch \| blob \| blame \| history