While not 100% accurate, as there is the potential for the same bug in two different library, it sure helps to narrow the odds. One of the quickest ways to figure out from where the problem is originating from is to calculate the signature using a third party library and see which one it matches. Each party swears that their library is performing the correct calculations. Trying to debug the dreaded signature invalid situations is often difficult. At Mashery, our OAuth layer interacts with numerous clients using a wide variety of OAuth libraries from publicly available ones down to the homegrown libraries. There are numerous reasons why this can happen, but we have found that in most cases it is caused by some bug in the OAuth library of one of the parties involved.
One of the most frustrating things about working with OAuth is getting back an error that the signature is invalid.
0 kommentar(er)
