liboauth 0.3.0

Yet another Sunday without sun in Amsterdam… I spent the afternoon fixing an issue with empty URL paths for liboauth.

After scraping the documentation I choose to

insert a slash before the [first] '?' (or '&' or end of string) if and only if
there is no '/' between the protocol's /:\/[\/]*/ and the delimiter.

It looks like a dirty hack, but checking the BNF this seems perfectly ok. All slashes in the /authority/-part of the URL (userinfo, host) should have been escaped. This was too easy and I had still some coffee left, so I went on to tackle RSA-SHA1 signatures and other open ToDo items..

Openssl gave me quite a headache, that got resolved over an Indian dinner with Florian; he's just back from CERN - angry against bloggers who misinform about the LHC - carrying the spirit of Johnatan R. Ellis: the web strikes back.

With a deep sigh, I've released liboauth 0.3.0 last night. It's the first version that implements the complete oAuth-1.0 spec. I went over four version steps, adding missing functions and a oAuth consumer example. I was tempted to call this a v1.0 or at least v0.9 which may happen during the next weeks. I'm in contact with Marc Powell about integrating liboauth with curl; and the code will definitely come in handy for implementing apache's mod_auth_oauth.

blog/liboauth_0.3.0.txt · Last modified: 27.08.2008 00:44 (external edit)