kovacshuni / koauth Goto Github PK

I don't really have to await on a future.
Can you create a version of the ConsumerService which doesn't return futures?

I tried adding the artifact as described in the readme. It couldn't find it, and then when I checked the Sonatype Nexus, the latest version is 1.1.0: https://oss.sonatype.org/#nexus-search;quick~koauth

Is there a new repository?

Can you please upgrade the version of specs2 used in this repository. The old version causes problems when used in conjunction with scalaz as described here: etorreborre/specs2#444

The README.md file says to use koauth library version 1.0.1. But that version is not currently available in the sonatype.org repository. I only see version 1.0.0 there.

There is a major bug in this library if it comes to sorting.

Given the following form parameters:

test=hello
test-abc=hello2
a=b
a=a

The OAuth Standard says the sorting should be as followed

a=a
a=b
test=hello
test-abc=hello2

The two sorting rules based on the specifications are:

1. Sort by key names
2. In case of duplicate key names sort this keys based on there value

The library right now first concatenate the params and then does a sort on a key=value string. That behaviour is wrong.

support for OAuth 2.0
big one, i know

The com.hunorkovacs.koauth.service.Arithmetic package depends on Java library classes that do not exist in Java 7 or earlier (e.g. java.util.Base64). It would be nice if your README file pointed out this dependency.

In file koauth/service/provider/Verifier.scala line 150 you get the diff between the required fields and the provided fields. The problem is that the oauth standard allows to have more then the required fields in the OAuth Authorization header. But you never look into the diff result and always assume the validation failed.

This is a major issue if people are sending more then the required fields in there oauth Authorization header.