Fixes OAuth 1.0(a) base signature string construction to omit the realm parameter when included in the HTTP Authorization header.

Fixes Trac #207

2 files changed, 9 insertions, 0 deletions

diff --git a/src/DotNetOpenAuth.Test/OAuth/ChannelElements/OAuthChannelTests.cs b/src/DotNetOpenAuth.Test/OAuth/ChannelElements/OAuthChannelTests.cs
index 521f62e..a75b487 100644
--- a/src/DotNetOpenAuth.Test/OAuth/ChannelElements/OAuthChannelTests.cs
+++ b/src/DotNetOpenAuth.Test/OAuth/ChannelElements/OAuthChannelTests.cs
@@ -356,6 +356,7 @@ namespace DotNetOpenAuth.Test.OAuth.ChannelElements {
 				{ "Name", "Andrew" },
 				{ "Location", "http://hostb/pathB" },
 				{ "Timestamp", XmlConvert.ToString(DateTime.UtcNow, XmlDateTimeSerializationMode.Utc) },
+				{ "realm" , "someValue" },
 			};
 			IProtocolMessage requestMessage = this.channel.ReadFromRequest(CreateHttpRequestInfo(scheme, fields));
 			Assert.IsNotNull(requestMessage);
@@ -364,6 +365,12 @@ namespace DotNetOpenAuth.Test.OAuth.ChannelElements {
 			Assert.AreEqual(15, testMessage.Age);
 			Assert.AreEqual("Andrew", testMessage.Name);
 			Assert.AreEqual("http://hostb/pathB", testMessage.Location.AbsoluteUri);
+			if (scheme == HttpDeliveryMethods.AuthorizationHeaderRequest) {
+				// The realm value should be ignored in the authorization header
+				Assert.IsFalse(((IMessage)testMessage).ExtraData.ContainsKey("realm"));
+			} else {
+				Assert.AreEqual("someValue", ((IMessage)testMessage).ExtraData["realm"]);
+			}
 		}
 	}
 }
diff --git a/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthChannel.cs b/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthChannel.cs
index ce4c610..43d91b5 100644
--- a/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthChannel.cs
+++ b/src/DotNetOpenAuth/OAuth/ChannelElements/OAuthChannel.cs
@@ -139,6 +139,8 @@ namespace DotNetOpenAuth.OAuth.ChannelElements {
 						}
 					}
 				}
+
+				fields.Remove("realm"); // ignore the realm parameter, since we don't use it, and it must be omitted from signature base string.
 			}
 
 			// Scrape the entity