Update the external OAuth library included with the oauth module.

This is supposed to provide better support for OAuth 1.0 Revision A.

modules/oauth/libextinc/OAuth.php

 <?php
-// vim: foldmethod=marker
-
-// Generic exception class
+/**
+ * @file
+ * OAuth 1.0 server and client library.
+ */
 
+/**
+ * OAuth PECL extension includes an OAuth Exception class, so we need to wrap
+ * the definition of this class in order to avoid a PHP error.
+ */
+if (!class_exists('OAuthException')) {
+    /*
+     * Generic exception class
+     */
     class OAuthException extends Exception {
         // pass
     }
+}
 
+if (!class_exists('OAuthConsumer')) {
     class OAuthConsumer {
         public $key;
         public $secret;
@@ -21,6 +32,7 @@ class OAuthConsumer {
             return "OAuthConsumer[key=$this->key,secret=$this->secret]";
         }
     }
+}
 
 class OAuthToken {
     // access tokens and request tokens
@@ -44,7 +56,8 @@ class OAuthToken {
         return "oauth_token=" .
         OAuthUtil::urlencode_rfc3986($this->key) .
         "&oauth_token_secret=" .
-           OAuthUtil::urlencode_rfc3986($this->secret);
+        OAuthUtil::urlencode_rfc3986($this->secret) .
+        "&oauth_callback_confirmed=true";
     }
 
     function __toString() {
@@ -181,7 +194,7 @@ abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod {
 
     // Up to the SP to implement this lookup of keys. Possible ideas are:
     // (1) do a lookup in a table of trusted certs keyed off of consumer
-    // (2) fetch via http using a URL provided by the requester
+    // (2) fetch via http using a url provided by the requester
     // (3) some sort of specific discovery code based on request
     //
     // Either way should return a string representation of the certificate
@@ -266,7 +279,7 @@ class OAuthRequest {
         $http_method = ($http_method) ? $http_method : $_SERVER['REQUEST_METHOD'];
 
         // We weren't handed any parameters, so let's find the ones relevant to
-    // this request
+        // this request.
         // If you run XML-RPC or similar you should use this to provide your own
         // parsed parameter-list
         if (!$parameters) {
@@ -391,7 +404,7 @@ class OAuthRequest {
     }
 
     /**
-   * parses the URL and rebuilds it to be
+     * parses the url and rebuilds it to be
      * scheme://host/path
      */
     public function get_normalized_http_url() {
@@ -410,7 +423,7 @@ class OAuthRequest {
     }
 
     /**
-   * builds a URL usable for a GET request
+     * builds a url usable for a GET request
      */
     public function to_url() {
         $post_data = $this->to_postdata();
@@ -634,12 +647,17 @@ class OAuthServer {
             ? $request->get_parameter('oauth_token')
             : NULL;
 
+        if (!empty($token_field)) {
             $token = $this->data_store->lookup_token(
                 $consumer, $token_type, $token_field
             );
             if (!$token) {
                 throw new OAuthException("Invalid $token_type token: $token_field");
             }
+        }
+        else {
+            $token = new OAuthToken('', '');
+        }
         return $token;
     }
 
@@ -824,6 +842,10 @@ class OAuthUtil {
                     $out[$key] = $value;
                 }
             }
+            // The "Authorization" header may get turned into "Auth".
+            if (isset($out['Auth'])) {
+                $out['Authorization'] = $out['Auth'];
+            }
         }
         return $out;
     }