Trim whitespace from public key and private key
authorTim Düsterhus <duesterhus@woltlab.com>
Sat, 3 Aug 2013 13:09:48 +0000 (15:09 +0200)
committerTim Düsterhus <duesterhus@woltlab.com>
Sat, 3 Aug 2013 13:10:48 +0000 (15:10 +0200)
wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
wcfsetup/install/files/lib/action/GithubAuthAction.class.php
wcfsetup/install/files/lib/action/GoogleAuthAction.class.php
wcfsetup/install/files/lib/action/TwitterAuthAction.class.php

index 02eb938e63e18387bedc9853797b0dac0345f029..aeb1ded5170cde3251d77ef2a26c1cbe778c3031 100644 (file)
@@ -40,7 +40,7 @@ class FacebookAuthAction extends AbstractAction {
                if (isset($_GET['code'])) {
                        try {
                                // fetch access_token
-                               $request = new HTTPRequest('https://graph.facebook.com/oauth/access_token?client_id='.FACEBOOK_PUBLIC_KEY.'&redirect_uri='.rawurlencode($callbackURL).'&client_secret='.FACEBOOK_PRIVATE_KEY.'&code='.rawurlencode($_GET['code']));
+                               $request = new HTTPRequest('https://graph.facebook.com/oauth/access_token?client_id='.StringUtil::trim(FACEBOOK_PUBLIC_KEY).'&redirect_uri='.rawurlencode($callbackURL).'&client_secret='.StringUtil::trim(FACEBOOK_PRIVATE_KEY).'&code='.rawurlencode($_GET['code']));
                                $request->execute();
                                $reply = $request->getReply();
                                
@@ -128,7 +128,7 @@ class FacebookAuthAction extends AbstractAction {
                // start auth by redirecting to facebook
                $token = StringUtil::getRandomID();
                WCF::getSession()->register('__facebookInit', $token);
-               HeaderUtil::redirect("https://www.facebook.com/dialog/oauth?client_id=".FACEBOOK_PUBLIC_KEY. "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=email,user_about_me,user_birthday,user_interests,user_location,user_website");
+               HeaderUtil::redirect("https://www.facebook.com/dialog/oauth?client_id=".StringUtil::trim(FACEBOOK_PUBLIC_KEY). "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=email,user_about_me,user_birthday,user_interests,user_location,user_website");
                $this->executed();
                exit;
        }
index 6a403bb97055f24f18001fa03e6e878efbca55a4..7ab58ed56f150b0843d83c8fb206032e90cdad13 100644 (file)
@@ -40,8 +40,8 @@ class GithubAuthAction extends AbstractAction {
                        try {
                                // fetch access_token
                                $request = new HTTPRequest('https://github.com/login/oauth/access_token', array(), array(
-                                       'client_id' => GITHUB_PUBLIC_KEY,
-                                       'client_secret' => GITHUB_PRIVATE_KEY,
+                                       'client_id' => StringUtil::trim(GITHUB_PUBLIC_KEY),
+                                       'client_secret' => StringUtil::trim(GITHUB_PRIVATE_KEY),
                                        'code' => $_GET['code']
                                ));
                                $request->execute();
@@ -160,7 +160,7 @@ class GithubAuthAction extends AbstractAction {
                // start auth by redirecting to github
                $token = StringUtil::getRandomID();
                WCF::getSession()->register('__githubInit', $token);
-               HeaderUtil::redirect("https://github.com/login/oauth/authorize?client_id=".rawurlencode(GITHUB_PUBLIC_KEY)."&scope=".rawurlencode('user:email')."&state=".$token);
+               HeaderUtil::redirect("https://github.com/login/oauth/authorize?client_id=".rawurlencode(StringUtil::trim(GITHUB_PUBLIC_KEY))."&scope=".rawurlencode('user:email')."&state=".$token);
                $this->executed();
                exit;
        }
index 8122d46be975b12a97d6473fa3288c25f460a0bb..1a553eaf7df7f98813c38d991178eefd0279ca54 100644 (file)
@@ -44,8 +44,8 @@ class GoogleAuthAction extends AbstractAction {
                                // fetch access_token
                                $request = new HTTPRequest('https://accounts.google.com/o/oauth2/token', array(), array(
                                        'code' => $_GET['code'],
-                                       'client_id' => GOOGLE_PUBLIC_KEY,
-                                       'client_secret' => GOOGLE_PRIVATE_KEY,
+                                       'client_id' => StringUtil::trim(GOOGLE_PUBLIC_KEY),
+                                       'client_secret' => StringUtil::trim(GOOGLE_PRIVATE_KEY),
                                        'redirect_uri' => $callbackURL,
                                        'grant_type' => 'authorization_code'
                                ));
@@ -138,7 +138,7 @@ class GoogleAuthAction extends AbstractAction {
                // start auth by redirecting to google
                $token = StringUtil::getRandomID();
                WCF::getSession()->register('__googleInit', $token);
-               HeaderUtil::redirect("https://accounts.google.com/o/oauth2/auth?client_id=".rawurlencode(GOOGLE_PUBLIC_KEY). "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=https://www.googleapis.com/auth/userinfo.profile+https://www.googleapis.com/auth/userinfo.email&response_type=code");
+               HeaderUtil::redirect("https://accounts.google.com/o/oauth2/auth?client_id=".rawurlencode(StringUtil::trim(GOOGLE_PUBLIC_KEY)). "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=https://www.googleapis.com/auth/userinfo.profile+https://www.googleapis.com/auth/userinfo.email&response_type=code");
                $this->executed();
                exit;
        }
index 17824e4343c1f17c9a5f86e51fa6cf2a4ec6e410..6e4e47d588d50a902494aa3fe562e171ef1bcd47 100644 (file)
@@ -46,7 +46,7 @@ class TwitterAuthAction extends AbstractAction {
                        try {
                                // fetch access_token
                                $oauthHeader = array(
-                                       'oauth_consumer_key' => TWITTER_PUBLIC_KEY,
+                                       'oauth_consumer_key' => StringUtil::trim(TWITTER_PUBLIC_KEY),
                                        'oauth_nonce' => StringUtil::getRandomID(),
                                        'oauth_signature_method' => 'HMAC-SHA1',
                                        'oauth_timestamp' => TIME_NOW,
@@ -147,7 +147,7 @@ class TwitterAuthAction extends AbstractAction {
                        ));
                        $oauthHeader = array(
                                'oauth_callback' => $callbackURL,
-                               'oauth_consumer_key' => TWITTER_PUBLIC_KEY,
+                               'oauth_consumer_key' => StringUtil::trim(TWITTER_PUBLIC_KEY),
                                'oauth_nonce' => StringUtil::getRandomID(),
                                'oauth_signature_method' => 'HMAC-SHA1',
                                'oauth_timestamp' => TIME_NOW,
@@ -218,7 +218,7 @@ class TwitterAuthAction extends AbstractAction {
                }
                
                $base = "POST&".rawurlencode($url)."&".rawurlencode($parameterString);
-               $key = rawurlencode(TWITTER_PRIVATE_KEY).'&'.rawurlencode($tokenSecret);
+               $key = rawurlencode(StringUtil::trim(TWITTER_PRIVATE_KEY)).'&'.rawurlencode($tokenSecret);
                
                return base64_encode(hash_hmac('sha1', $base, $key, true));
        }
@@ -244,4 +244,4 @@ class TwitterAuthAction extends AbstractAction {
                $user = new User($row['userID']);
                return $user;
        }
-}
+}
\ No newline at end of file