I receive the following error when I attempt to access /access_token without an expires parameter:

Notice: Undefined index: expires in oauth_common_callback_access_token() (line 359 of /var/www/drupal/sites/all/modules/oauth/oauth_common.pages.inc).

I'm not sure how to submit a patch. If you change line 359 referred above to include an isset(), it seems to work:

if (isset($_GET['expires']) && intval($_GET['expires'])) {


ksenzee’s picture

Title: When an expires value is not included in an /access_token request, a PHP warning is generated » PHP notices generated when an expires value is not included in an /access_token request and when callback URL has no query
Version: 7.x-3.0-alpha2 » 7.x-3.x-dev
Priority: Minor » Normal
Status: Active » Needs review
1.15 KB

I was writing some simpletests for our oauth flow and ran into this notice, as well as an "Undefined index: query" notice that's emitted on line 121 of oauth_common.pages.inc if the callback URL for your oauth consumer doesn't include a query string.

pwolanin’s picture

Status: Needs review » Reviewed & tested by the community
1.15 KB

Patch needed a re-roll.

verified that it fixes the notices.

juampynr’s picture

Version: 7.x-3.x-dev » 6.x-3.x-dev
Status: Reviewed & tested by the community » Needs work
rjbrown99’s picture

Status: Needs work » Patch (to be ported)

Updating to proper status per issue queue handbook.

h3rj4n’s picture

Status: Patch (to be ported) » Needs review
1.08 KB

I couldn't apply the patch because it's for D7. I added by hand and created patch for it.

DamienMcKenna’s picture

Version: 6.x-3.x-dev » 7.x-3.x-dev
Issue summary: View changes
Status: Needs review » Needs work

The patch in #5 needs to be rerolled.

  • juampynr committed 3211e05 on 8.x-2.x authored by ksenzee
    Issue #1404030 by ksenzee, pwolanin | chmhalford: Fixed PHP notices...
kyletaylored’s picture

Status: Needs work » Fixed

I was updating this module on one of our sites, used a previous patch, and after looking at the 7.x-3.x branch, the patch in #5 has already been applied and committed in the latest release. Given it's also 4 years old, I'm gonna mark this as fixed.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

zhouhana’s picture

I can't read PHP very well myself, so I just want to double check. Because of the recent security release to OAuth I'm trying to update the module for a few sites, and now I'd like to reapply the patches that were previously applied, so the sites don't lose any important functionality.

The release notes for OAuth say nothing about this patch being included in the non-dev branch, but still when I try to apply it through the command line I get this:

$ patch -p1 < 1404030-2.patch
patching file oauth_common.pages.inc
Reversed (or previously applied) patch detected!  Assume -R? [n]

Does this mean it is already in the 7.x-3.3 branch after all?

ksenzee’s picture

Yes - see comment #3. The patch is in the 7.x-3.x branch. (7.x-3.3 is a tag off the 7.x-3.x branch.) So no worries. Thanks for checking!

zhouhana’s picture

Great! Thank you!