I'm developing in Dot Net, using the DotNetOpenAuth library. Using Fiddler2, I've been able to capture the communication between my application and Telldus Live!. It seems the response I get is not according to standard.
This is my request:
This is the response:GET http://api.telldus.com/oauth/requestTok ... sumer_key=...actual data removed...&oauth_nonce=voRmRh4V&oauth_signature_method=HMAC-SHA1&oauth_signature=...actual data removed...&oauth_version=1.0&oauth_timestamp=1347795428 HTTP/1.1
User-Agent: DotNetOpenAuth.Core/4.0.0.0
Host: api.telldus.com
Connection: Keep-Alive
Upon this response, I get an exception from DotNetOpenAuth:HTTP/1.1 200 OK
Date: Sun, 16 Sep 2012 11:33:28 GMT
Server: Apache/2.2.16 (Debian)
X-Powered-By: PHP/5.3.3-7+squeeze1
Set-Cookie: PHPSESSID=4egjobtr0e42cbbikthms1ej35; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 154
Content-Type: application/x-www-form-urlencoded
oauth_callback_confirmed=1&oauth_token=...actual data removed...&oauth_token_secret=...actual data removed...&xoauth_token_ttl=3600
I've checked the OAuth RFC, and found this:Error while reading message 'DotNetOpenAuth.OAuth.Messages.UnauthorizedTokenResponse' parameter 'oauth_callback_confirmed' with value '1'.
When I intercept and edit the response using Fiddler and change the value to 'true' instead of '1', my application continues.oauth_callback_confirmed
MUST be present and set to "true". The parameter is used to
differentiate from previous versions of the protocol.
My conclusion is that the response does not comply with the standard. Please fix!oauth_callback_confirmed=true&oauth_token=...actual data removed...&oauth_token_secret=...actual data removed...&xoauth_token_ttl=3600