- Fix indentation in _getSignableParametersAsQueryString method

- Remove comment that states that a query string is returned
- Change return type to array
- Remove unnecessary code that created the query string which
  is not used again.
- Add code to not include POST parameters when encoding is
  multipart/form-data
- Add tests for both encodings and POST parameters

The test uses a dummy class which extends Zend_Oauth_Client. This
dummy class allows to call _getSignableParametersAsQueryString()
directly. The reason for this is the following:
This protected function is used in prepareOauth() only,
which sets the request header 'Authorization'. This request header
can be read via getHeader() but the parameters are already encoded
and the encoded string changes with every call. It is not possible
to determine the results of the _getSignableParametersAsQueryString()
method by checking the headers. That's why I needed this stub.

library/Zend/Oauth/Client.php

@@ -292,27 +292,20 @@ public function prepareOauth()
 
     /**
      * Collect all signable parameters into a single array across query string
-     * and POST body. These are returned as a properly formatted single
-     * query string.
+     * and POST body. Don't include POST parameters if content type is multipart POST.
      *
-     * @return string
+     * @return array
      */
     protected function _getSignableParametersAsQueryString()
     {
         $params = array();
-            if (!empty($this->paramsGet)) {
-                $params = array_merge($params, $this->paramsGet);
-                $query  = $this->getToken()->toQueryString(
-                    $this->getUri(true), $this->_config, $params
-                );
-            }
-            if (!empty($this->paramsPost)) {
-                $params = array_merge($params, $this->paramsPost);
-                $query  = $this->getToken()->toQueryString(
-                    $this->getUri(true), $this->_config, $params
-                );
-            }
-            return $params;
+        if (!empty($this->paramsGet)) {
+            $params = array_merge($params, $this->paramsGet);
+        }
+        if ($this->enctype != self::ENC_FORMDATA && !empty($this->paramsPost)) {
+            $params = array_merge($params, $this->paramsPost);
+        }
+        return $params;
     }
 
     /**

tests/Zend/Oauth/ClientTest.php

@@ -22,6 +22,14 @@
 
 require_once 'Zend/Oauth.php';
 require_once 'Zend/Oauth/Config.php';
+require_once 'Zend/Oauth/Client.php';
+
+class Test_Oauth_Client extends Zend_Oauth_Client {
+    public function getSignableParametersAsQueryString()
+    {
+        return $this->_getSignableParametersAsQueryString();
+    }
+}
 
 /**
  * @category   Zend
@@ -46,4 +54,36 @@ public function testAllowsOptionsAsRequestMethod()
         $this->client->setRequestMethod(Zend_Oauth_Client::OPTIONS);
         $this->assertEquals(Zend_Oauth_Client::OPTIONS, $this->client->getRequestMethod());
     }
+
+    /**
+     * zendframework / zf1 # 244
+     */
+    public function testIncludesParametersForSignatureOnPostEncUrlEncoded()
+    {
+        $client = new Test_Oauth_Client(array());
+        $client->setEncType(Zend_Http_Client::ENC_URLENCODED);
+        $params = array(
+            'param1' => 'dummy1',
+            'param2' => 'dummy2',
+        );
+        $client->setParameterPost($params);
+        $client->setMethod(Zend_Http_Client::POST);
+        $this->assertEquals(2, count($client->getSignableParametersAsQueryString()));
+    }
+
+    /**
+     * zendframework / zf1 # 244
+     */
+    public function testExcludesParametersOnPostEncFormData()
+    {
+        $client = new Test_Oauth_Client(array());
+        $client->setEncType(Zend_Http_Client::ENC_FORMDATA);
+        $params = array(
+            'param1' => 'dummy1',
+            'param2' => 'dummy2',
+        );
+        $client->setParameterPost($params);
+        $client->setMethod(Zend_Http_Client::POST);
+        $this->assertEquals(0, count($client->getSignableParametersAsQueryString()));
+    }
 }