/** * Decide whether the post fields should be added to the base string that Oauth signs. * Non-conformant APIs may require that this method be * overwritten e.g. the Flickr API incorrectly adds the post fields when the Content-Type * is 'application/x-www-form-urlencoded' * * @param $request * @return bool Whether the post fields should be signed or not */ public function shouldPostFieldsBeSigned(Request $request) { $returnValue = false; if ($request->hasHeader('Content-Type')) { $contentType = $request->getHeader('Content-Type'); //TODO - not safe if ($contentType !== 'application/x-www-form-urlencoded') { $returnValue = true; } } // Don't sign POST fields if the request uses POST fields and no files if ($request->getFileCount() == 0) { $returnValue = false; } return $returnValue; }