I updated the toHeaderString function to return the realm parameter as the first parameter in the Authorization header. My specific use case require this and in reviewing the spec, the realm parameter isn't normalized with other parameters. Examples in OAuth protocol and other OAuth libraries seem to list realm as first parameter in the header.
http://tools.ietf.org/html/rfc5849#section-3.5.1
I also left the realm value unencoded. I'm not completely sure about this one though. The realms I'm using don't contain any characters that need to be encoded, but examples in the OAuth spec don't appear to be encoded strings and the protocol states the value as only a quoted string.
http://tools.ietf.org/html/rfc2617#section-1.2
I updated the toHeaderString function to return the realm parameter as the first parameter in the Authorization header. My specific use case require this and in reviewing the spec, the realm parameter isn't normalized with other parameters. Examples in OAuth protocol and other OAuth libraries seem to list realm as first parameter in the header. http://tools.ietf.org/html/rfc5849#section-3.5.1
I also left the realm value unencoded. I'm not completely sure about this one though. The realms I'm using don't contain any characters that need to be encoded, but examples in the OAuth spec don't appear to be encoded strings and the protocol states the value as only a quoted string. http://tools.ietf.org/html/rfc2617#section-1.2