Hello Robert! We highly discourage using PLAINTEXT sigantures, SSO supports them only for backward compatibility with old clients. You should sign your requests with HMAC signatures.
Not sending the nonce and the timestamp makes the signed request less secure: if your SSL connection gets compromised somehow, your request is vulnerable to replay attacks. Are you using a third party library to sign your requests? Thanks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1522297 Title: OAuth fails if optional parameters oauth_nonce / oauth_timestamp are missing To manage notifications about this bug go to: https://bugs.launchpad.net/rnr-server/+bug/1522297/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
