On Feb 17, 10:47 pm, Ryan Alford <ryanalford...@gmail.com> wrote: > You order all parameters EXCEPT the signature, then create the signature, > then append the signature to the end. All other parameters should be in > order. >
I am under the impression that sorting is only required to generate the Signature Base String. I haven't seen anything in the OAuth spec to suggest that Query parameters must be ordered. If I have missed something, lease let me know where. I also believe that ordering is *not* required in the Authorization header because the example shown in the spec is not ordered [1] [1] OAuth Core 1.0a section 5.4.1 Authorization Header; http://oauth.net/core/1.0a/#auth_header
