Problem re: documentation in oauth/access_token


#1

Shouldn’t the params in the authentication header be alphabetized? Or is that not required?

https://dev.twitter.com/docs/api/1/post/oauth/request_token

Authorization Header:
OAuth oauth_nonce="K7ny27JTpKVsTgdyLdDfmQQWVLERj2zAK5BslRsqyw", oauth_callback="http%3A%2F%2Fmyapp.com%3A3005%2Ftwitter%2Fprocess_callback", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228849", oauth_consumer_key="OqEqJeafRSF11jBMStrZz", oauth_signature="Pc%2BMLdv028fxCErFyi8KXFM%2BddU%3D", oauth_version="1.0"

#2

It can definitely reduce confusion, but it is not required. The only place the sorting is required is in the signature basestring itself.