Even if I like it (I though more or less the same in the first email), it doesn't look nice for the server part, for the reason you well explained, I'm definitively for adding the token in the SignatureMethod methods signature Thanks for your help!!! Simo
http://people.apache.org/~simonetripodi/ http://www.99soft.org/ On Fri, Jul 9, 2010 at 12:46 PM, Pid <[email protected]> wrote: > On 09/07/2010 11:41, Simone Tripodi wrote: >> Agreed, good catch, >> that means that it has to be added to SignatureMethods methods >> signature, since in client/server we have totally different statuses. >> Something cheated me, thanks for the advice :) > > Or leave the signature as is? > > Add: > OAuthRequest.getToken(); > > and retrieve it from the token, inside SignatureMethod? > > String calculate(OAuthRequest req); > > OAuthToken t = req.getToken(); > String tokenKey = t.getKey(); > String tokenSecret = t.getSecret(); > > it would just mean the server version has to update the token before > passing it to SignatureMethod. I think that's neater. > > > p > > > > >> Simo >> >> http://people.apache.org/~simonetripodi/ >> http://www.99soft.org/ >> >> >> >> On Fri, Jul 9, 2010 at 12:30 PM, Pid <[email protected]> wrote: >>> On 09/07/2010 11:03, Simone Tripodi wrote: >>>> The token secret (aka secret credential) is required (empty, if not >>>> known) to generate signatures (at least to PLAINTEX and HMAC methods), >>>> so sounds it is currently missing in the SignatureMethod methods >>>> signatures >>>> >>>> OR >>>> >>>> has to be added in the OAuthRequest ??? >>> >>> Yes - we'll need it somewhere. >>> >>> Maybe the request could have an OAuthToken getToken() method and we'll >>> store the token component(s) separately from the other values? >>> >>> In client mode it would be available in the token. >>> >>> In server mode we'd have to look it up from the TokenStorage, using the >>> key supplied in the request and update the token before passing it to >>> SignatureMethod. >>> >>> >>> p >>> >>>> I'd suggest for the second option, WDYT? >>>> >>>> Thanks in advance, have a nice day! >>>> Simo >>>> >>>> http://people.apache.org/~simonetripodi/ >>>> http://www.99soft.org/ >>> >>> >>> > > >
