Comments (7)
Missing attachment
Original comment by [email protected]
on 21 Apr 2010 at 11:58
Attachments:
from oauth-signpost.
I am also facing same problem !!!
Any solution you got ?
Original comment by [email protected]
on 17 Sep 2010 at 7:06
from oauth-signpost.
Version 1.2
----------------
We experienced the same problem with 1.2 when generating a lot of OAuth
requests. We believe the class AbstractOAuthConsumer.java uses a Random in the
wrong way leading to random number duplicates.
Our quick fix has been through an anonymous extension of the
"CommonsHttpOAuthConsumer" and overriding the "generateNonce" method . When we
create a consumer we use the class
<pre>
CommonsHttpOAuthConsumer consumer = new CommonsHttpOAuthConsumer(
"somekey", "somepassword") {
// fixed: oauth nonce (random number) generation now thread safe
@Override
protected String generateNonce() {
return Long.toString(RANDOM.nextLong());
}
};
</pre>
where the RANDOM is created once using:
private static final Random RANDOM = new Random();
Version 1.2.1.1
----------------
We just realized that 1.2.1.1 is the newest one. But we still doubt if
System.nanoTime on line 106 will not fail under excessive load:
http://code.google.com/p/oauth-signpost/source/browse/trunk/signpost-core/src/ma
in/java/oauth/signpost/AbstractOAuthConsumer.java
There are no tags for 1.2.1.1 so we presume that the trunk and 1.2.1.1 are the
same.
References:
http://download.oracle.com/javase/1.5.0/docs/api/java/lang/System.html#nanoTime%
28%29 ("...No guarantees are made about how frequently values change...")
http://download.oracle.com/javase/1.4.2/docs/api/java/util/Random.html ("... If
two instances of Random are created with the same seed, and the same sequence
of method calls is made for each, they will generate and return identical
sequences of numbers....")
Original comment by [email protected]
on 5 Jan 2011 at 12:34
from oauth-signpost.
I've also experienced an issue when signing two requests asynchronously in
different threads and having 50% of them failing with exact same nonces.
Thanks @bun, I'll try your fix out.
Original comment by [email protected]
on 26 Jan 2011 at 6:07
from oauth-signpost.
[deleted comment]
from oauth-signpost.
Same problem: From Android making 2 requests at same time asynchronously will
401 one request. @grantlan did it work?
Update: Workaround in comment 3 does work for me
Original comment by [email protected]
on 2 May 2011 at 12:20
from oauth-signpost.
@michaelb comment 3 didn't work for me, but creating new OAuthConsumers for
each request did as per http://code.google.com/p/oauth-signpost/
Thread Safety
Signpost is not thread safe and probably will never be. Signpost objects are
very lightweight, so you are adviced to create an OAuthConsumer and
OAuthProvider for every thread in your application that must send signed HTTP
requests. Both objects are also serializable, so you can persist and restore
them later.
Original comment by [email protected]
on 2 May 2011 at 6:11
from oauth-signpost.
Related Issues (20)
- Request: RSA-SHA1 Signing HOT 4
- retrieveRequestToken(consumer, null) fails with signpost 1.2.1.1 HOT 1
- retrieveRequestToken returns an error of 500 HOT 4
- POST support for DefaultOAuthConsumer HOT 1
- OAuthGoogleExample not executing HOT 2
- After Java upgrade: "Server returned HTTP response code: 411 for URL HOT 10
- For Android Twitter Usage HOT 3
- SignatureBaseString havent sort requestParameters
- Oauth java.lang.ClassNotFoundException: org.apache.http.HttpRequest
- Enhancement : adding license text in tarball
- didn't support HTTP GET method in this framework
- two-legged OAuth HOT 3
- Signing fails when multiple parameters with the same key are used HOT 1
- consumer key with special characters causes signpost to generate incorrect signature HOT 4
- Doesnt work on 3.2, tested on motorola xoom 3.2 HOT 5
- NULL exception after CommonsHttpOAuthProvider is de-serialized
- oauth.signpost.exception.OAuthCommunicationException: Communication with the service provider failed: null HOT 5
- incorrect get signing when params include space
- URL query parameter without values causes failure HOT 1
- oauth-signpost don't include the license file
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth-signpost.