|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #59569 Order of checks of checkOAuthRequest()
Submitted: 2011-01-11 03:00 UTC Modified: 2011-01-15 13:21 UTC
From: djpate at gmail dot com Assigned: jawed (profile)
Status: Closed Package: oauth (PECL)
PHP Version: 5_3 SVN-2011-01-11 (dev) OS: Ubuntu 10.10
Private report: No CVE-ID: None
 [2011-01-11 03:00 UTC] djpate at gmail dot com
I'm trying to implement the nonce handler but I realised that It's launched before the consumer handler.

That doesnt make sense to me because If I understand this right a nonce is associed with a consumer, so making sure the consumer actually exist would be check before you check the nonce ?

Reproduce code:
public function consumerHandler($provider){
  $this->consumer = Consumer::findByKey($provider->consumer_key)

public function checkNonce($provider){

Expected result:
No error

Actual result:
$this->consumer is not an object
since it doesnt go thru consumerHandler before


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2011-01-11 09:11 UTC]
The definition changed in the RFC to also include the token 

I don't have any immediate reservations on making the nonce 
check the last step.

- JJ
 [2011-01-11 10:50 UTC] djpate at gmail dot com

Do you want me to submit a patch or something ?
 [2011-01-11 13:40 UTC]
Any and all patches are appreciated, however, they are not necessary.

I can work with you offline (, or #php.pecl on EFnet) to help 
you get a feel for the code structure if you'd like.

- JJ
 [2011-01-11 18:09 UTC]
No issues here either ;) let me know if you want 
me to add the patch.
 [2011-01-12 03:13 UTC] djpate at gmail dot com
Here is my patch, maybe something is missing but from what I've understood from the code it's pretty straight forward.

I compiled it and tested on my provider and It seems to work fine.
 [2011-01-15 13:21 UTC]
This bug has been fixed in SVN.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on

In case this was a website problem, the change will show
up on the website in short time.
Thank you for the report, and for helping us make PECL better.

Applied in trunk. Thanks for the patch and making pecl/oauth 

- JJ
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Sun Oct 01 13:01:24 2023 UTC