Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTP Redirection broken #7

Open
daurnimator opened this issue Jan 2, 2012 · 7 comments
Open

HTTP Redirection broken #7

daurnimator opened this issue Jan 2, 2012 · 7 comments
Assignees
@ignacio

Comments

@daurnimator
Copy link

You can't use redirection with https and luasocket.

Fix:
Add redirect = false to request_constructor

Just after doing the http(s) request:
if response_code == 301 or response_code == 302 then
-- TODO: Add redirection loop detection
return PerformRequestHelper ( self , response_headers.location , method, headers, arguments, post_body)
end
@daurnimator
Copy link
Author

just noticed the fix I advised above breaks with a GET request: it appends the query string again for each request.
i've done a hack fix by nil-ing out arguments in the GET branch...

@daurnimator
Copy link
Author

and then again; I notice that now the signature is broken; will have to do a completely new request.
fix will be more complicated than I first thought

@ignacio
Copy link
Owner

ignacio commented Jan 2, 2012

Do you have an example of such an OAuth api that does that? (I mean, returning 301 or 302 for a request). I never came across one.

@daurnimator
Copy link
Author

LivePerson
See:
http://community.liveperson.com/docs/DOC-1033
http://community.liveperson.com/docs/DOC-1044#base

at the moment I've got it working by adding redirect = false in codeLuaSocket.lua table constructor for request_constructor
and using the code:

local url = "https://api.liveperson.net/api/account/" .. accountID

local response_code, response_headers, response_status_line, response_body
while true do
    response_code, response_headers, response_status_line, response_body = c:PerformRequest("GET" , url , { v= "1" } )

    if response_code >= 200 and response_code < 300 then
        break
    elseif response_code == 301 or response_code == 302 then
        url = response_headers.location:match("[^?]+")
    else
        error ( "FAIL" )
    end
end

@daurnimator
Copy link
Author

I think the best solution would be to add the redirect = false
then in OAuth.lua rewrite Sign to use socket.url.parse
As a note; you also don't do anything with port number.

@ignacio
Copy link
Owner

ignacio commented Jan 2, 2012

Ok, I'll take a look at it. If you have a pull request, that would be great.

@daurnimator
Copy link
Author

in the mean time before you have a proper fix just add the redirect = false.
It'll at least return 301/302 instead of a cryptic error message from openssl about version numbers.

ignacio added a commit that referenced this issue Jan 2, 2012
@ignacio
Disables redirects until a better fix is made. refs #7.
534d188
@ghost ghost assigned ignacio Jan 2, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ignacio ignacio

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ignacio @daurnimator