| Subject: | Authorization header not strict enough for at least one OAuth based web service |
Distribution: LWP-Authen-OAuth-1.02
Perl: 5.12.4
OS: Mac OS X 10.8.2 Mountain Lion (Darwin Kernel Version 12.2.0: Sat Aug 25 00:48:52 PDT 2012; root:xnu-2050.18.24~1/RELEASE_X86_64 x86_64)
The Instapaper API, which requires OAuth, fails to recognize the consumer key when using the Authorization header generated by LWP::Authen::OAuth. Though both the key and secret are provided, it sends back the error message "oauth_consumer_key required" and fails to authenticate.
It comes down to an issue with the commas separating the parts of the header value. A single character change to line 236 -- adding a space after each comma -- fixes it for my code:
$request->header( 'Authorization', sprintf('OAuth %s',
join ', ', @parts ) );
This is a known issue with Instapaper's API; See http://stackoverflow.com/questions/7518795/instapaper-api-javascript-xauth
https://twitter.com/beaulebens/statuses/284801209989201920
Apparently the space is supposed to be optional. I don't know if other services fail WITH the space just as Instapaper does without it. Maybe this can be made configurable in your module..