OAuth Signature Validation Tool

One of the most frustrating things about working with OAuth is getting back an error that the signature is invalid. There are numerous reasons why this can happen, but we have found that in most cases it is caused by some bug in the OAuth library of one of the parties involved. At Mashery, our OAuth layer interacts with numerous clients using a wide variety of OAuth libraries; from publicly available ones down to the homegrown libraries. Trying to debug the dreaded signature invalid situations is often difficult.  Each party swears that their library is performing the correct calculations. One of the quickest ways to figure out from where the problem is originating from is to calculate the signature using a third party library and see which one it matches. While not 100% accurate, as there is the potential for the same bug in two different library, it sure helps to narrow the odds.

What we have found while searching for this is that there are a number of OAuth testing suites and applications available online, but not just a utility that would allow one to enter all the different parameters and generate a signature based upon them. This led Rob Richards here to create a .NET application using the C# OAuth library. Since our internal libraries are currently in other languages, this provides a good comparison to the signatures we generate in-house.

The source and application provided here is just an initial release, so may not be considered eye candy, but provides a good amount of functionality to start debugging OAuth signature issues. Currently only GET parameter requests are supported. Time permitting, additional support for POST bodies and HTTP header signatures may be added in the future. Please send any questions and/or problems to support@mashery.com.

The project was created using Visual Studio 2008 SP1 and built against .NET 2.0 framework. For those using other versions of Visual Studio, such as 2005, you will need to manually edit the project file and change MSBuildToolsPath to MSBuildBinPath. Once done, the project can be opened directly with Visual Studio 2005.

OAuthSig.zip
OAuthSig_source.zip

Docs Navigation