From: Tim Düsterhus <duesterhus@woltlab.com>
Date: Sat, 3 Aug 2013 13:09:48 +0000 (+0200)
Subject: Trim whitespace from public key and private key
X-Git-Tag: 2.0.0_Beta_7~62^2~20
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=8fa67fb3eb639d287664c7f20d864999ae24162d;p=GitHub%2FWoltLab%2FWCF.git

Trim whitespace from public key and private key
---

diff --git a/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php b/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
index 02eb938e63..aeb1ded517 100644
--- a/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
+++ b/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
@@ -40,7 +40,7 @@ class FacebookAuthAction extends AbstractAction {
 		if (isset($_GET['code'])) {
 			try {
 				// fetch access_token
-				$request = new HTTPRequest('https://graph.facebook.com/oauth/access_token?client_id='.FACEBOOK_PUBLIC_KEY.'&redirect_uri='.rawurlencode($callbackURL).'&client_secret='.FACEBOOK_PRIVATE_KEY.'&code='.rawurlencode($_GET['code']));
+				$request = new HTTPRequest('https://graph.facebook.com/oauth/access_token?client_id='.StringUtil::trim(FACEBOOK_PUBLIC_KEY).'&redirect_uri='.rawurlencode($callbackURL).'&client_secret='.StringUtil::trim(FACEBOOK_PRIVATE_KEY).'&code='.rawurlencode($_GET['code']));
 				$request->execute();
 				$reply = $request->getReply();
 				
@@ -128,7 +128,7 @@ class FacebookAuthAction extends AbstractAction {
 		// start auth by redirecting to facebook
 		$token = StringUtil::getRandomID();
 		WCF::getSession()->register('__facebookInit', $token);
-		HeaderUtil::redirect("https://www.facebook.com/dialog/oauth?client_id=".FACEBOOK_PUBLIC_KEY. "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=email,user_about_me,user_birthday,user_interests,user_location,user_website");
+		HeaderUtil::redirect("https://www.facebook.com/dialog/oauth?client_id=".StringUtil::trim(FACEBOOK_PUBLIC_KEY). "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=email,user_about_me,user_birthday,user_interests,user_location,user_website");
 		$this->executed();
 		exit;
 	}
diff --git a/wcfsetup/install/files/lib/action/GithubAuthAction.class.php b/wcfsetup/install/files/lib/action/GithubAuthAction.class.php
index 6a403bb970..7ab58ed56f 100644
--- a/wcfsetup/install/files/lib/action/GithubAuthAction.class.php
+++ b/wcfsetup/install/files/lib/action/GithubAuthAction.class.php
@@ -40,8 +40,8 @@ class GithubAuthAction extends AbstractAction {
 			try {
 				// fetch access_token
 				$request = new HTTPRequest('https://github.com/login/oauth/access_token', array(), array(
-					'client_id' => GITHUB_PUBLIC_KEY,
-					'client_secret' => GITHUB_PRIVATE_KEY,
+					'client_id' => StringUtil::trim(GITHUB_PUBLIC_KEY),
+					'client_secret' => StringUtil::trim(GITHUB_PRIVATE_KEY),
 					'code' => $_GET['code']
 				));
 				$request->execute();
@@ -160,7 +160,7 @@ class GithubAuthAction extends AbstractAction {
 		// start auth by redirecting to github
 		$token = StringUtil::getRandomID();
 		WCF::getSession()->register('__githubInit', $token);
-		HeaderUtil::redirect("https://github.com/login/oauth/authorize?client_id=".rawurlencode(GITHUB_PUBLIC_KEY)."&scope=".rawurlencode('user:email')."&state=".$token);
+		HeaderUtil::redirect("https://github.com/login/oauth/authorize?client_id=".rawurlencode(StringUtil::trim(GITHUB_PUBLIC_KEY))."&scope=".rawurlencode('user:email')."&state=".$token);
 		$this->executed();
 		exit;
 	}
diff --git a/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php b/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php
index 8122d46be9..1a553eaf7d 100644
--- a/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php
+++ b/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php
@@ -44,8 +44,8 @@ class GoogleAuthAction extends AbstractAction {
 				// fetch access_token
 				$request = new HTTPRequest('https://accounts.google.com/o/oauth2/token', array(), array(
 					'code' => $_GET['code'],
-					'client_id' => GOOGLE_PUBLIC_KEY,
-					'client_secret' => GOOGLE_PRIVATE_KEY,
+					'client_id' => StringUtil::trim(GOOGLE_PUBLIC_KEY),
+					'client_secret' => StringUtil::trim(GOOGLE_PRIVATE_KEY),
 					'redirect_uri' => $callbackURL,
 					'grant_type' => 'authorization_code'
 				));
@@ -138,7 +138,7 @@ class GoogleAuthAction extends AbstractAction {
 		// start auth by redirecting to google
 		$token = StringUtil::getRandomID();
 		WCF::getSession()->register('__googleInit', $token);
-		HeaderUtil::redirect("https://accounts.google.com/o/oauth2/auth?client_id=".rawurlencode(GOOGLE_PUBLIC_KEY). "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=https://www.googleapis.com/auth/userinfo.profile+https://www.googleapis.com/auth/userinfo.email&response_type=code");
+		HeaderUtil::redirect("https://accounts.google.com/o/oauth2/auth?client_id=".rawurlencode(StringUtil::trim(GOOGLE_PUBLIC_KEY)). "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=https://www.googleapis.com/auth/userinfo.profile+https://www.googleapis.com/auth/userinfo.email&response_type=code");
 		$this->executed();
 		exit;
 	}
diff --git a/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php b/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php
index 17824e4343..6e4e47d588 100644
--- a/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php
+++ b/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php
@@ -46,7 +46,7 @@ class TwitterAuthAction extends AbstractAction {
 			try {
 				// fetch access_token
 				$oauthHeader = array(
-					'oauth_consumer_key' => TWITTER_PUBLIC_KEY,
+					'oauth_consumer_key' => StringUtil::trim(TWITTER_PUBLIC_KEY),
 					'oauth_nonce' => StringUtil::getRandomID(),
 					'oauth_signature_method' => 'HMAC-SHA1',
 					'oauth_timestamp' => TIME_NOW,
@@ -147,7 +147,7 @@ class TwitterAuthAction extends AbstractAction {
 			));
 			$oauthHeader = array(
 				'oauth_callback' => $callbackURL,
-				'oauth_consumer_key' => TWITTER_PUBLIC_KEY,
+				'oauth_consumer_key' => StringUtil::trim(TWITTER_PUBLIC_KEY),
 				'oauth_nonce' => StringUtil::getRandomID(),
 				'oauth_signature_method' => 'HMAC-SHA1',
 				'oauth_timestamp' => TIME_NOW,
@@ -218,7 +218,7 @@ class TwitterAuthAction extends AbstractAction {
 		}
 		
 		$base = "POST&".rawurlencode($url)."&".rawurlencode($parameterString);
-		$key = rawurlencode(TWITTER_PRIVATE_KEY).'&'.rawurlencode($tokenSecret);
+		$key = rawurlencode(StringUtil::trim(TWITTER_PRIVATE_KEY)).'&'.rawurlencode($tokenSecret);
 		
 		return base64_encode(hash_hmac('sha1', $base, $key, true));
 	}
@@ -244,4 +244,4 @@ class TwitterAuthAction extends AbstractAction {
 		$user = new User($row['userID']);
 		return $user;
 	}
-}
+}
\ No newline at end of file