Authorization Signature Calculation

On a collection, when setting up authorization, Oauth 1.0, add auth data to request headers, etc…
how is the signature calculated exactly? Assume SHA256, what is the string order/format that is used to create the signature?

I would expect that it is calculated as explained in the protocol:

 digest = HMAC-SHA1 (key, text)

See also https://tools.ietf.org/html/rfc5849#section-3.4.2.

1 Like