On 09/07/2010 11:03, Simone Tripodi wrote: > The token secret (aka secret credential) is required (empty, if not > known) to generate signatures (at least to PLAINTEX and HMAC methods), > so sounds it is currently missing in the SignatureMethod methods > signatures > > OR > > has to be added in the OAuthRequest ???
Yes - we'll need it somewhere. Maybe the request could have an OAuthToken getToken() method and we'll store the token component(s) separately from the other values? In client mode it would be available in the token. In server mode we'd have to look it up from the TokenStorage, using the key supplied in the request and update the token before passing it to SignatureMethod. p > I'd suggest for the second option, WDYT? > > Thanks in advance, have a nice day! > Simo > > http://people.apache.org/~simonetripodi/ > http://www.99soft.org/
signature.asc
Description: OpenPGP digital signature
