Extra params when passed as a POST will now properly get set as the POST body rather than be discarded as previously

lib/oauth.js

@@ -51,8 +51,8 @@ exports.OAuth.prototype._decodeData= function(toDecode) {
 }
 
 exports.OAuth.prototype._getSignature= function(method, url, parameters, tokenSecret) {
-  var signatureBase= this._createSignatureBase(method, url, parameters);  
-  return this._createSignature( signatureBase, tokenSecret ); 
+  var signatureBase= this._createSignatureBase(method, url, parameters);
+  return this._createSignature( signatureBase, tokenSecret );
 }
 
 exports.OAuth.prototype._normalizeUrl= function(url) {
@@ -70,14 +70,24 @@ exports.OAuth.prototype._normalizeUrl= function(url) {
   return parsedUrl.protocol + "//" + parsedUrl.hostname + port + parsedUrl.pathname;
 }
 
+// Is the parameter considered an OAuth parameter
+exports.OAuth.prototype._isParameterNameAnOAuthParameter= function(parameter) {
+  var m = parameter.match('^oauth_');
+  if( m && ( m[0] === "oauth_" ) ) {
+    return true;
+  }
+  else {
+    return false;
+  }
+};
+
 // build the OAuth request authorization header
 exports.OAuth.prototype._buildAuthorizationHeaders= function(orderedParameters) {
   var authHeader="OAuth ";
   for( var i= 0 ; i < orderedParameters.length; i++) {
      // Whilst the all the parameters should be included within the signature, only the oauth_ arguments
      // should appear within the authorization header.
-     var m = orderedParameters[i][0].match('^oauth_');
-     if( m && ( m[0] === "oauth_" || m[0] === 'scope' ) ) {
+     if( this._isParameterNameAnOAuthParameter(orderedParameters[i][0]) ) {
       authHeader+= this._encodeData(orderedParameters[i][0])+"=\""+ this._encodeData(orderedParameters[i][1])+"\",";
      }
   }
@@ -220,6 +230,17 @@ exports.OAuth.prototype._performSecureRequest= function( oauth_token, oauth_toke
     }
   }
 
+  // Filter out any passed extra_params that are really to do with OAuth
+  for(var key in extra_params) {
+    if( this._isParameterNameAnOAuthParameter( key ) ) {
+      delete extra_params[key];
+    }
+  }
+
+  if( method == "POST"  && ( post_body == null && extra_params != null) ) {
+    post_body= querystring.stringify(extra_params);
+  }
+
   headers["Content-length"]= post_body ? post_body.length : 0; //Probably going to fail if not posting ascii
   headers["Content-Type"]= post_content_type;
    
@@ -270,7 +291,7 @@ exports.OAuth.prototype.getOAuthAccessToken= function(oauth_token, oauth_token_s
     extraParams.oauth_verifier= oauth_verifier;
   }
   
-   this._performSecureRequest( oauth_token, oauth_token_secret, "GET", this._accessUrl, extraParams, "", null, function(error, data, response) {
+   this._performSecureRequest( oauth_token, oauth_token_secret, "GET", this._accessUrl, extraParams, null, null, function(error, data, response) {
          if( error ) callback(error);
          else {
            var results= querystring.parse( data );
@@ -301,7 +322,7 @@ exports.OAuth.prototype.post= function(url, oauth_token, oauth_token_secret, pos
   if( typeof post_body != "string" ) {
     post_content_type= "application/x-www-form-urlencoded"
     extra_params= post_body;
-    post_body= querystring.stringify(post_body);
+    post_body= null;
   }
   return this._performSecureRequest( oauth_token, oauth_token_secret, "POST", url, extra_params, post_body, post_content_type, callback );
 }
@@ -316,7 +337,7 @@ exports.OAuth.prototype.getOAuthRequestToken= function(extraParams, callback) {
   if( this._authorize_callback ) {
     extraParams["oauth_callback"]= this._authorize_callback;
   }
-  this._performSecureRequest( null, null, "POST", this._requestUrl, extraParams, "", null, function(error, data, response) {
+  this._performSecureRequest( null, null, "POST", this._requestUrl, extraParams, null, null, function(error, data, response) {
     if( error ) callback(error);
     else {
       var results= querystring.parse(data);