On Feb 17, 10:47 pm, Ryan Alford <ryanalford...@gmail.com> wrote:
> You order all parameters EXCEPT the signature, then create the signature,
> then append the signature to the end.  All other parameters should be in
> order.

I am under the impression that sorting is only required to generate
the Signature Base String. I haven't seen anything in the OAuth spec
to suggest that Query parameters must be ordered. If I have missed
something, lease let me know where. I also believe that ordering is
*not* required in the Authorization header because the example shown
in the spec is not ordered [1]

[1] OAuth Core 1.0a section 5.4.1 Authorization Header;

Reply via email to