Hello.
I'm really sorry to bother people here, but I just found an
inconsistency between MySpace OAuth and Java OAuth (and possibly Hi5
too), I decided to ask the developers here.. since they should both be
backed by Shindig.
It deals with generating the Base String with parameter names that have
funky characters.
Looking over the Java OAuth code, it looks like they are double encoding
names/values to generate the Base String. While looking at the MySpace
OAuth Tool, it looks like they are single encoding names, while double
encoding values. Though I could not find the Hi5 equivalent of the
OAuth Tool, both MySpace and Hi5 are failing the signature test; so I'm
just assuming it's the same issue.
For example; a parameter like this:
t:formdata=a:a
was converted into the base string by MySpace like this:
t%3Aformdata%3Da%253Aa
I hope this isn't annoying, I just wanted to get the consensus from all
developers involved, on how this should work; so we can patch Shindig or
patch Java OAuth. ( since everyone is backed by Shindig, my guess it's
actually Shindig's OAuth code ).
What is the expected behavior for funky characters in parameter names?
