I am running into trouble lately authenticating POST requests to resources on our web service. I always receive a 401 for such requests.
I debugged the entire client/server communication and it seems that client and server compute different signatures for the exact same signature base string (using HMAC-SHA1). I did a diff on the SBS constructed on both the client and the server, and they are identical. Still, base64(hmac-sha1(sbs)) returns different results on the client and the server! Here is an example SBS of mine: POST&http%3A%2F%2F10.0.2.2%3A8889%2Fv1%2Fplaces%2F3125%2Freviews&lang %3Den%26oauth_consumer_key%3D88IRfEDu6A7qEelPP4mRXQ%26oauth_nonce %3D639362338427%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1237285006%26oauth_token%3DXXj8vAhYXZRTQ6lA8IPEEA%26oauth_version %3D1.0 Is there an obvious explanation for this, or maybe a less obvious one? I'm out of ideas here. :-/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
