====== liboauth 0.3.0 ======

Yet another Sunday without sun in Amsterdam... I spent the afternoon fixing an
[[http://groups.google.com/group/oauth/browse_thread/thread/c44b6f061bfd98c?hl=en|issue with empty URL paths]]
for liboauth.

{{  :blog:oauth_logo_final.png?150}}
After scraping [[http://www.ietf.org/rfc/rfc2396.txt|the documentation]] I choose to
  insert a slash before the [first] '?' (or '&' or end of string) if and only if
  there is no '/' between the protocol's /:\/[\/]*/ and the delimiter.

It looks like a dirty hack, but checking the BNF this seems perfectly ok. All slashes in the /authority/-part of the URL (userinfo, host) should have been escaped. This was too easy and I had still some coffee left, so I went on to tackle RSA-SHA1 signatures and other open ToDo items.. 

Openssl gave me quite a headache, that got resolved over an Indian dinner with [[http://fgmeiner.de|Florian]]; he's just back from CERN - angry against bloggers who misinform about the LHC - carrying the spirit of [[http://cdsweb.cern.ch/record/1120625/|Johnatan R. Ellis]]: //the web strikes back//.

With a deep sigh, I've released [[http://liboauth.sf.net/|liboauth 0.3.0]] last night. It's the first version that implements the complete [[http://oauth.net/core/1.0/|oAuth-1.0 spec]].
I went over [[http://liboauth.svn.sourceforge.net/viewvc/liboauth/trunk/ChangeLog?revision=HEAD&view=markup|four version steps]], adding missing functions and a oAuth consumer example. I was tempted to call this a v1.0 or at least v0.9 which may happen during the next weeks. I'm in contact with Marc Powell about integrating liboauth with curl; and the code will definitely come in handy for implementing apache's ''mod_auth_oauth''. 

{{tag>FLOSS NEWS WWW}}