bytespider / jsOAuth

JavaScript implementation of the OAuth protocol. Currently supports version 1.0 (RFC5849) of the specification. Node.js & CommonJS compatible.
http://bytespider.github.com/jsOAuth/
MIT License
557 stars 109 forks

encodable query params are double percent encoded #35

Closed scyclops closed 12 years ago

scyclops commented 12 years ago

In Consumer.js on line 431 the query params are pre-encoded before being encoded along with all the other base string values on line 457. This causes query parameters that have encodable values to be double-encoded and results in signature hash mismatches.

By my reading of the OAuth standard on building the signature base string, only the final parameters should be encoded and pre-encoding of query parameters shouldn't be done.

If I'm wrong about this, please let me know, as this means there is probably a bug in the Python OAuth library I'm using jsOAuth with (in which case I should report the bug to them instead).

bytespider commented 12 years ago

It's a difficult one. The library works for pretty much everyone with whichever service they have been using, so I'm doing it the way the services have expected to see it.

However, I do agree that if you read the spec, it could read the way you suggest. However, I believe that when they refer to the request parameters in the signature base string section, they mean the components that make up the base string.

I may be wrong. Please show me a service that encodes the way you suggest it should be encoded.

scyclops commented 12 years ago

After digging into the Python OAuth library, I think you're right about this, but I've found a different issue elsewhere in the code which I think was the real problem. I'm closing this issue and I opened a new issue (#36).
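
The base string construction discussed in this thread, as an added example that is not part of the issue or of jsOAuth's code. It follows RFC 5849 sections 3.4.1.1, 3.4.1.3.2 and 3.6, where each parameter is encoded once during normalization and the normalized string is encoded again, so a space in a query value appears as `%2520` in the base string. The function names, key, nonce and URL are constructed for illustration.

```javascript
// Added example (not jsOAuth code): RFC 5849 signature base string construction.

// Section 3.6 percent-encoding: only ALPHA, DIGIT, "-", ".", "_", "~" stay literal.
// encodeURIComponent leaves ! * ' ( ) unescaped, so those are encoded by hand.
function percentEncode(value) {
  return encodeURIComponent(value).replace(/[!*'()]/g, function (c) {
    return '%' + c.charCodeAt(0).toString(16).toUpperCase();
  });
}

// Section 3.4.1.3.2: encode each name and value, sort by encoded name and
// then by encoded value, and join the pairs with "=" and "&".
function normalizeParameters(pairs) {
  return pairs
    .map(function (p) { return [percentEncode(p[0]), percentEncode(p[1])]; })
    .sort(function (a, b) {
      if (a[0] !== b[0]) return a[0] < b[0] ? -1 : 1;
      if (a[1] !== b[1]) return a[1] < b[1] ? -1 : 1;
      return 0;
    })
    .map(function (p) { return p[0] + '=' + p[1]; })
    .join('&');
}

// Section 3.4.1.1: the method, the base URI and the normalized parameter
// string are each percent-encoded (the parameters for the second time).
function signatureBaseString(method, baseUri, pairs) {
  return [
    method.toUpperCase(),
    percentEncode(baseUri),
    percentEncode(normalizeParameters(pairs))
  ].join('&');
}

// Constructed sample: decoded query parameter plus oauth_* protocol parameters.
var samplePairs = [
  ['q', 'hello world'],
  ['oauth_consumer_key', 'example-key'],
  ['oauth_nonce', 'abc123'],
  ['oauth_signature_method', 'HMAC-SHA1'],
  ['oauth_timestamp', '1300000000'],
  ['oauth_version', '1.0']
];
var sampleBase = signatureBaseString('get', 'http://example.com/search', samplePairs);
console.log(sampleBase);
```

The functions expect decoded names and values. A value that is already percent-encoded when passed in (`hello%20world`) gains a third level (`hello%252520world`), and the client and server signatures will not match.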