<div class="snippet-clipboard-content notranslate position-relative overflow-auto" data-snippet-clip

Original comment by m.kaepp...@gmail.com on 9 May 201

URL Rewrite instead of HTTP Authorization? about oauth-signpost HOT 3 OPEN

anish-adm commented on September 16, 2024

URL Rewrite instead of HTTP Authorization?

from oauth-signpost.

Comments (3)

GoogleCodeExporter commented on September 16, 2024

How signatures are written is defined by the SigningStrategy you use. The 
default is
to write to the HTTP Authorization header. There's a QueryStringSigningStrategy 
which
can be used to sign URLs, but request objects typically don't allow you to 
change the
URL once it's set, making them impossible to sign this way (that's why it works 
on
string objects, not request objects).

I suggest you do something like this:

OAuthConsumer consumer = new DefaultOAuthConsumer(...);
consumer.setSigningStrategy(new QueryStringSigningStrategy());

String uri = "http://yourdomain.com?you_param=x";
uri = consumer.sign(uri);

HttpURLConnection request = new URI(uri).openConnection();
...

is that what you need?

Original comment by [email protected] on 26 Apr 2010 at 9:28

from oauth-signpost.

GoogleCodeExporter commented on September 16, 2024

Yes, this works, but a simpler hack would doing the following: (I'm refering to 
the
example's code)

OAuthProvider provider = new DefaultOAuthProvider(
                consumer.sign("http://yourdomain/requesttoken.php"),
                        consumer.sign("http://yourdomain/accesstoken.php"),
                        consumer.sign("http://yourdomain/tokenverifier.php")
);

String authUrl = provider.retrieveRequestToken(consumer, OAuth.OUT_OF_BAND);


This works for me for time being! Thanks!

Original comment by [email protected] on 26 Apr 2010 at 9:53

from oauth-signpost.

GoogleCodeExporter commented on September 16, 2024

Original comment by [email protected] on 9 May 2010 at 12:59