Subject: | Defaulting to OAuth 1.0 breaks Twitter support |
Date: | Tue, 15 Mar 2011 13:55:07 +0100 |
To: | bug-Catalyst-Authentication-Credential-OAuth [...] rt.cpan.org |
From: | Jonas Pasche <jpasche [...] jonaspasche.com> |
Hi there,
using version 0.03 I find the following line commented out in OAuth.pm:
#$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
Later in the code, the following snippet can be found:
sub authenticate {
...
my %defaults = (
...
oauth_version => '1.0a',
...
);
...
}
However I don't see how this is meant to work. The current version of
Net::OAuth (0.27) states that setting $Net::OAuth::PROTOCOL_VERSION is
still the way to go:
http://search.cpan.org/perldoc?Net%3A%3AOAuth#OAUTH_1.0A
Leaving OAuth.pm unchanged, authenticating using Twitter fails with the
following message:
2011-03-15 13:16:53.869052500 [error] Caught exception in
Demo::Controller::Login->oauth "Parameter oauth_callback_confirmed not
valid for a message of type Net::OAuth::RequestTokenResponse
at /home/jonas/perl5/lib/perl5/Catalyst/Authentication/Credential/OAuth.pm line 111"
Setting $Net::OAuth::PROTOCOL_VERSION to the 1.0a protocol version in
OAuth.pm simply makes things work. This is a bit amazing because the
"Bugs" section of the docs say "Only tested with twitter" while exactly
that does _not_ work out of the box. :-)
Now that Catalyst::Authentication::Credential::OAuth is a generic OAuth
module, I'd appreciate to support both 1.0 and 1.0a providers. The
section in the Net::OAuth docs mentioned above provides a code snippet
which tries 1.0a authentication and automatically issues a fallback to
1.0 if that fails. Are there any chances to incorporate something like
this into the Catalyst plugin?
Jonas
Message body not shown because it is not plain text.