bytespider
commented
13 years ago You're absolutely correct. I had noticed myself that the realm was not first, but neglected to fix. Thank you.
Closed tnydwrds closed 13 years ago
bytespider
commented
13 years ago You're absolutely correct. I had noticed myself that the realm was not first, but neglected to fix. Thank you.
I updated the toHeaderString function to return the realm parameter as the first parameter in the Authorization header. My specific use case require this and in reviewing the spec, the realm parameter isn't normalized with other parameters. Examples in OAuth protocol and other OAuth libraries seem to list realm as first parameter in the header. http://tools.ietf.org/html/rfc5849#section-3.5.1
I also left the realm value unencoded. I'm not completely sure about this one though. The realms I'm using don't contain any characters that need to be encoded, but examples in the OAuth spec don't appear to be encoded strings and the protocol states the value as only a quoted string. http://tools.ietf.org/html/rfc2617#section-1.2