OAuth Signature creation



I’m trying to understand the process of creating an OAuth Signature. I think I understand it well now, but I’m running into problems.

To test that I understood what I was doing I tried a little experiment but this also failed and I was hoping someone could tell me why :slight_smile:

To test that I understood how to create a signature I went to https://www.freeformatter.com/hmac-generator.html (which is a HMAC-SHA1 generator) and copied the signature base string into the message section. In the Secret Key section I put my comsumer secret & my token secret. I then took the output and went to http://www.opinionatedgeek.com/dotnet/tools/base64encode/ (a base64 encoder) to get my signature. This, following through the creation guide, should give me an output that matches the signature on my OAuth Signing Results page, but it doesn’t. Where have I gone wrong?

Any help appreciated




Any help on this appreciated. It’s been a week and I’m still stuck with it…




Are you using PHP? Either way you need to make sure the result from your HMAC is raw not hex. for instance with PHP :

echo base64_encode( hash_hmac( 'sha1', $sig, $key, TRUE ) )

Where the true indicates return raw data.