[drakma-devel] cl-oauth and drakma interoperability issue

mohegan-skunkworks fh at mohegan-skunkworks.com
Sat Jan 7 21:50:11 UTC 2012 

ok, does this mean that this library is no longer maintained ?

On Jan 4, 2012, at 9:54 AM, Edi Weitz wrote:

> It is, but see here:
> 
> http://lists.common-lisp.net/pipermail/drakma-devel/2011-August/000884.html
> 
> On Wed, Jan 4, 2012 at 12:53 AM, mohegan-skunkworks
> <fh at mohegan-skunkworks.com> wrote:
>> Hi, is this the right mailing list for this issue ?
>> 
>> Thanks !
>> On Dec 29, 2011, at 1:01 PM, mohegan-skunkworks wrote:
>> 
>> I just filled an issue on github...
>> 
>> The text is below...
>> 
>> Hi,
>> I'm using cl-oauth to authenticate with twitter (it's in the cl-twitter
>> package, also on github).
>> 
>> I received a complaint from a quicklisp user that he couldn't authenticate
>> with twitter.
>> 
>> After looking into this a bit I realized that drakma is encoding the uri on
>> get requests. Now, cl-oauth passes in an encoded uri so this uri gets
>> encoded twice. This was never a problem for me because I was using v 1.2.3
>> of drakma where this didn't happen.
>> 
>> Here's the code diff (plus my proposed change :)
>> ========================== v 1.2.3 ==================================
>> (when (and (not parameters-used-p)
>> parameters)
>> (setf (uri-query uri)
>> ;; append parameters to existing query of URI
>> (format nil "~@[~A~]~:*~:[~;&~]~A"
>> (uri-query uri)
>> (alist-to-url-encoded-string parameters external-format-out))))
>> 
>> ===========================current github/v1.2.4=============
>> (when-let (all-get-parameters
>> (append (dissect-query (uri-query uri))
>> (and (not parameters-used-p) parameters)))
>> (setf (uri-query uri)
>> (alist-to-url-encoded-string all-get-parameters external-format-out)))
>> ===============================my proposed
>> change===================================================
>> (when (and (not parameters-used-p)
>> parameters)
>> (when-let (all-get-parameters
>> (append (dissect-query (uri-query uri))
>> (and (not parameters-used-p) parameters)))
>> (setf (uri-query uri)
>> (alist-to-url-encoded-string all-get-parameters external-format-out))))
>> 
>> ________________________________
>> 
>> A few more comments :
>> 
>> This is the hand-off in cl-oauth :
>> 
>> (defun http-request (uri &key (request-method :get) parameters drakma-args)
>>   ;; TODO handle redirects properly
>>   (let* ((param-string-encoded (alist->query-string parameters
>> :include-leading-ampersand nil :url-encode t)))
>>     (case request-method
>>       (:get
>>        (apply #'drakma:http-request
>>       (uri-with-additional-query-part uri param-string-encoded)
>>       :method request-method
>>       drakma-args))
>>       (:post
>>         (apply #'drakma:http-request
>>                uri
>>                :method request-method
>>                :content param-string-encoded
>>                drakma-args))
>> 
>> As you can see url-encode is set to t. That was because (I think !) previous
>> versions required encoding and drakma wasn't providing any. Now, ideally tis
>> flag s/b nil. However the issue the becomes the string splitting in
>> dissect-query. This splits on "=" which is also the terminating symbol for
>> the authentication string...
>> =======================session===================
>> (drakma::split-string
>> "oauth_signature=oq37d1/qm[....]fIKb778=&include_entities=T&oauth_consumer_key=9[....]cYBg&oauth_token=206[...]Tt5SwRvCJqQWgR3ajEQpk&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1325002586&oauth_nonce=3680613621135035286&oauth_version=1.0"
>> "&")
>> ("oauth_signature=oq37d1/qmFX0YuQUwxsgfIKb778=" "include_entities=T"
>> [....])
>> 
>> CL-USER> (drakma::split-string
>> "oauth_signature=oq37d1/qmFX0YuQUwxsgfIKb778=" "=")
>> ; compiling (DEFUN HTTP-REQUEST ...)
>> STYLE-WARNING: redefining DRAKMA:HTTP-REQUEST in DEFUN
>> 
>> ("oauth_signature" "oq37d1/qm[...]778")
>> 
>> (I've elided some of the strings...).
>> 
>> I think my proposal resolves the issue. However, it would require a bit more
>> work to get to what I think is the 'right' solution...
>> 
>> At this stage I'd like to get some feedback on whta you consider the right
>> course of action before proceeding to submit a patch
>> 
>> _______________________________________________
>> drakma-devel mailing list
>> drakma-devel at common-lisp.net
>> http://lists.common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel
>> 
>> 
>> 
>> _______________________________________________
>> drakma-devel mailing list
>> drakma-devel at common-lisp.net
>> http://lists.common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel
>> 
> 
> _______________________________________________
> drakma-devel mailing list
> drakma-devel at common-lisp.net
> http://lists.common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel
>

More information about the Drakma-devel mailing list