From b3f0b7c3a9849abe7d68b2764f4d0547c030b562 Mon Sep 17 00:00:00 2001
From: "Michael J. Rubinsky" <mrubinsk@horde.org>
Date: Sun, 2 Aug 2009 23:27:20 -0400
Subject: [PATCH] OAuth signature verification requires that the method used to
 make the request be considered when signing the request...we can't assume we
 are always using POST - this will cause requests to fail.

---
 framework/Oauth/lib/Horde/Oauth/Request.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/framework/Oauth/lib/Horde/Oauth/Request.php b/framework/Oauth/lib/Horde/Oauth/Request.php
index 10e6c9621..25a03e096 100644
--- a/framework/Oauth/lib/Horde/Oauth/Request.php
+++ b/framework/Oauth/lib/Horde/Oauth/Request.php
@@ -22,8 +22,9 @@ class Horde_Oauth_Request
 
     protected $_params = array();
     protected $_url;
+    protected $_method;
 
-    function __construct($url, $params = array())
+    function __construct($url, $params = array(), $method = 'POST')
     {
         if (!isset($params['oauth_version'])) {
             $params['oauth_version'] = self::VERSION;
@@ -37,6 +38,7 @@ class Horde_Oauth_Request
 
         $this->_params = $params;
         $this->_url = $url;
+        $this->_method = $method;
     }
 
     /**
@@ -72,7 +74,7 @@ class Horde_Oauth_Request
     public function getSignatureBaseString()
     {
         $parts = array(
-            'POST',
+            $this->_method,
             $this->_url,
             $this->_getSignableParameters()
         );
-- 
2.11.0