I've made some progress on this. I was earlier setting the oauth_token in Signpost using consumer.getHttpParameters ().put ( "oauth_token", value ) (and similarly the "oauth_secret") but it seems I need to use consumer.setTokenWithSecret ( token, secret ) ;
But now the server is returning a similar response for the /authorize/decision URL as it did earlier for the /authorize call. It returns a new value of the session authenticity token, although the earlier value passed in the URL is correct. This seems strange, as I'm expecting a verifier in return instead of a new session authenticity token. -- View this message in context: http://cxf.547215.n5.nabble.com/OAuth-1-0-in-CXF-2-6-2-tp5713150p5713165.html Sent from the cxf-user mailing list archive at Nabble.com.
