Hi Andrew, What happens if you use your own oauth_consumer_key and secret in the OAuth Playground: http://googlecodesamples.com/oauth_playground/
(make sure to switch the oauth_signature_method to HMAC-SHA1) Eric On Sep 29, 8:10 am, "Andrew Arnott" <[EMAIL PROTECTED]> wrote: > My signature base string: GET&https%3A%2F%2Fwww.google.com > %2Faccounts%2FOAuthGetRequestToken&oauth_consumer_key%3Dnerdbank.org%26oauth_nonce%3DScayJb8F%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1222700601%26oauth_version%3D1.0%26scope%3Dhttp%253A%252F% > 252Fwww.google.com%252Fm8%252Ffeeds%252F > > My signature: Vfj3%2FteRSd4gvDV2mQelo%2BsNcFI%3D > > The actual HTTP request: > GEThttps://www.google.com/accounts/OAuthGetRequestToken?scope=http://www... > Using Authorization header with these fields and values in it: > > oauth_signature_method: HMAC-SHA1 > oauth_consumer_key: nerdbank.org > oauth_signature: Vfj3%2FteRSd4gvDV2mQelo%2BsNcFI%3D > oauth_nonce: ScayJb8F > oauth_version: 1.0 > oauth_timestamp: 1222700601 > > Google seems to be reading all the parameters just fine, because it > constructs an identical signature base string, which it sends back to me > with a "signature invalid" message. If our signature base strings agree, > and assuming the consumer key and secret are correct (which I've > triple-checked), what else can go wrong here to result in Google saying the > signature is invalid? > > Thanks. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Data Protocol" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-help-dataapi?hl=en -~----------~----~----~----~------~----~------~--~---
