Thanks for your suggestion. I tried using this but I'm still
experiencing the same problem. The good news is yours looks a lot
simpler and it appears to work just as good as the last one. Looking
at both Paul Donnelly's and yours, neither contains the "tokenSecret"
in the accessor that's used to s
I'm reorganizing the Java implementation of OAuth (at
http://code.google.com/p/oauth/
)
to help reduce dependencies. You'll find these changes in version
20090531.
Version 20090531 is binary compatible with previous versions. You can
replace the .jars without recompiling your application.
Som
Hey Matt, try the code below. It works reliably for me.
Make sure you've included:
http://oauth.googlecode.com/svn/code/javascript/oauth.js
http://oauth.googlecode.com/svn/code/javascript/sha1.js
var requestUrl = 'http://...';
var ck = '...';
var cks = '...';
var
Eran's right, there are ways around this, but I'm wondering what sort of
mobile device you're working with that doesn't have the capacity to sign
each request. It's really not that much overhead unless you're making
hundreds or thousands of requests per second (which is unlikely on a mobile
device)
Hello,
I'm trying to use the JavaScript API to authenticate with OAuth from a
GWT application. I've got it working with both Google and Twitter's
OAuth implementations. However, it seems to fail to sign the URL at
random. In other words, it works 1 out of 3 times.
I'm using the following makeSig
One way is for the device to use a signing proxy on a server. Another is for
you to use very short lived credentials and not require signatures - there
will still be a replay attack possible but the window of the attack will be
much smaller. Yahoo!'s BBAuth protocol works this way. But at this poi
Section 7 of OAuth Core directs us to 'sign' the requests even after
we have received a granted access token.
This signing ensures security with each request made to the SP.
We have a case for implementing OAuth Consumers on mobile devices and
the signing of each request to access protected resou