Hi
I noticed that there is an error in the example for section 3.4.1.1 in
the latest OAuth draft. The example of building a signature base string
uses the following request as an example (note the extraneous query
parameters at the bottom):
GET /request?b5=%3D%253D&a3=a&c%40=&a2=r%20b HTTP/1.1
Host: example.com
Content-Type: application/x-www-form-urlencoded
Authorization: OAuth realm="Example",
oauth_consumer_key="9djdj82h48djs9d2",
oauth_token="kkk9d7dh3k39sjv7",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="137131201",
oauth_nonce="7d8f3e4a",
oauth_signature="djosJKDKJSD8743243%2Fjdk33klY%3D"
c2&a3=2+q
I believe that this should be as follows, which will cause the
documented signature base string to be constructed:
GET /request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2=&a3=2+q HTTP/1.1
Host: example.com
Content-Type: application/x-www-form-urlencoded
Authorization: OAuth realm="Example",
oauth_consumer_key="9djdj82h48djs9d2",
oauth_token="kkk9d7dh3k39sjv7",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="137131201",
oauth_nonce="7d8f3e4a",
oauth_signature="djosJKDKJSD8743243%2Fjdk33klY%3D"
Apologies if this is a duplicate comment; I searched the archives but
could not find any reference to this issue.
--
Greg
Blinkbox Entertainment Ltd - The best movies & TV online |
Greg Beech | Senior Development Engineer Lead | +44 20 7092 8700 | +44 7970
480901
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
