If I am using 2-legged OAuth to authorize HTTP requests that contain XML in the body, where do the OAuth parameters go?

Should they be HTTP Headers or should they be form parameters?

If they were form parameters, wouldn't that conflict with the fact that the content is XML?

If they were HTTP Headers, would that violate the OAuth specification?

edit: Should I put them in the actual XML?

Note: 2-legged OAuth simply means it does not need to worry about request tokens, it is just a single call alternative to HTTP Basic authentication... there is incoming data like this:

 oauth_consumer_key:
        dpf43f3p2l4k3l03 
    oauth_token:
        (Empty value) 
    oauth_signature_method:
        HMAC-SHA1 
    oauth_timestamp:
        1191242096 
    oauth_nonce:
        kllo9940pd9333jh 
    oauth_version:
        1.0 

Answers


You should put the parameters into the authorization header. OAuth has a spec for it.


Need Your Help

Relational SQLite on Windows RT

sqlite windows-runtime foreign-keys windows-store-apps

i am using SQLite for Windows Runtime but i dont see any way to define relationships between tables. Is this feature supported in SQLite for WinRT?

How to get format numbers with decimals (XCode)

iphone xcode decimal number-formatting

My objective is to create a customer calculator application for iPhone and I am using Xcode to write my application. My problem, that I cannot find a solution for, is how to format a number that uses

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.