Specification improvement and bug fix to sign_request

rickhanlonii · rickhanlonii · commit 28af4266c160 · 2013-04-26T20:23:00.000-03:00
Per the OAuth Body Hash specifications (3.2)[1], if there is no body entity, then the hash should be done over the empty string. Also, when httplib2 handles a redirect, the follow is performed with None as the request body. This causes a TypeError to be thrown when attempting to hash the body here. This commit fixes the bug while improving the specification alignment. [1]http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html
diff --git a/oauth2/__init__.py b/oauth2/__init__.py
@@ -485,8 +485,14 @@ def sign_request(self, signature_method, consumer, token):
         """Set the signature parameter to the result of sign."""
 
         if not self.is_form_encoded:
-            # according to
+            # according to 
             # http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html
+            # section 3.2 "If the request does not have an entity body, the hash should 
+            # be taken over the empty string."
+            if self.body is None:
+                self.body = ""
+            
+            # according to ibid
             # section 4.1.1 "OAuth Consumers MUST NOT include an
             # oauth_body_hash parameter on requests with form-encoded
             # request bodies."
