Merge pull request #1498 from sharok/fix_oauth_encoding

Encode oauth_token. Fixes #1495
restsharp · Sep 17, 2020 · 4daaf69 · 4daaf69
2 parents 2ebdbc2 + 68c0776
commit 4daaf69
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 3 deletions.
diff --git a/src/RestSharp/Authenticators/OAuth/OAuthWorkflow.cs b/src/RestSharp/Authenticators/OAuth/OAuthWorkflow.cs
@@ -10,7 +10,7 @@
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
-//   limitations under the License. 
+//   limitations under the License.
 
 using System;
 using System.Collections.Generic;
@@ -215,7 +215,7 @@ WebPairCollection GenerateAuthParameters(string timestamp, string nonce)
                 new WebPair("oauth_version", Version ?? "1.0")
             };
 
-            if (!Token.IsEmpty()) authParameters.Add(new WebPair("oauth_token", Token));
+            if (!Token.IsEmpty()) authParameters.Add(new WebPair("oauth_token", Token, true));
 
             if (!CallbackUrl.IsEmpty()) authParameters.Add(new WebPair("oauth_callback", CallbackUrl, true));
 

diff --git a/test/RestSharp.Tests/OAuth1AuthenticatorTests.cs b/test/RestSharp.Tests/OAuth1AuthenticatorTests.cs
@@ -140,5 +140,31 @@ public void Authenticate_ShouldAddSignatureToRequestAsSeparateParameters_OnUrlOr
                 )
             );
         }
+
+        [Test]
+        [TestCase(OAuthType.AccessToken, "Token", "Token")]
+        [TestCase(OAuthType.ProtectedResource, "Token", "Token")]
+        [TestCase(OAuthType.AccessToken, "SVyDD+RsFzSoZChk=", "SVyDD%2BRsFzSoZChk%3D")]
+        [TestCase(OAuthType.ProtectedResource, "SVyDD+RsFzSoZChk=", "SVyDD%2BRsFzSoZChk%3D")]
+        public void Authenticate_ShouldEncodeOAuthTokenParameter(OAuthType type,string value, string expected)
+        {
+            // Arrange
+            const string url = "https://no-query.string";
+
+            var client  = new RestClient(url);
+            var request = new RestRequest();
+            _authenticator.Type  = type;
+            _authenticator.Token = value;
+
+            // Act
+            _authenticator.Authenticate(client, request);
+
+            // Assert
+            var authParameter = request.Parameters.Single(x => x.Name == "Authorization");
+            var authHeader         = (string) authParameter.Value;
+
+            Assert.IsNotNull(authHeader);
+            Assert.IsTrue(authHeader.Contains($"oauth_token=\"{expected}\""));
+        }
     }
-}
+}