Hi. There's an inconsistency with the implementation of HMAC_SHA1 signature method in the OAuth Java Libraries (Google Code). The spec says the signature is "the calculated digest octet string, first base64-encoded per [RFC2045] section 6.8, then URL-encoded per Parameter Encoding" (see section 9.2.1). The OAuth Java library does the first part (base-64 encodes the bytes) but neglects the second part (URL-encoding it).
This means, for example, that the OAuth Java library calculates a signature to be 4KaVKEnW6e1a+vwJTpz0VFqIaGU= when it should be 4KaVKEnW6e1a%2BvwJTpz0VFqIaGU%3D Am I reading the spec wrong? Or is this a bug? -Ryan --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
