On 4/27/09 6:11 AM, Lee Gibbons wrote: > The OAuth spec stipulates that for HMAC-SHA1 signatures the key is the > concatentation of Consumer Secret and Token Secret seperated by&. > > Does this mean that for the initial incoming call i.e. requesting > request token, HMAC-SHA1 cannot be used for signatures because at that > point the token secret has not been supplied ?
The token secret is an empty string. Proceed as normal. -- Dossy Shiobara | [email protected] | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
