We're having the same issues. We can't generate a matching digest -- one that matches the oauth_signature passed in the request. I've been trying to get a successful authentication all yesterday.
I'm fairly confident that our implementation of the HMAC-SHA1 authentication algorithm is correct. Since firstly, we are verifying our results using the 'text', 'key' and 'digest' shown in the OAuth specs at:
(One of the posters in this forum suggested doing this, great suggestion btw)
And second, we have implemented the HMAC-SHA1 algorithm in 2 different ways and resultant digests from both agreed with one another.
Assuming there are no bugs with Myspace's HMAC-SHA1 implementation, this leaves 2 possibilities for why authentication continues to fail. Either we are not generating the correct 'key' or we are not generating the 'text' correctly.
* This is how we create the key:
We get the key by going to the "My Apps" in the developer console, then click on "Edit Details" on our app, and finally we grab the 32-character string in the "Security Key" field. We finally append an ampersand "&" to the end of this security key. If you're "security key" looks like this: "fa0f82dea01f430d91897811b102d9b" then the actual key looks like : "fa0f82dea01f430d91897811b102d9b&"
Is this correct?
* We generate the 'text' by following this spec:
And it looks like this:
(NOTE: the oauth_signature and realm are the ONLY excluded request string parameters. The other parameters are alphabetically ordered by param name, and then are individually URL encoded. The entire concatenated parameter string as a whole is then URL encoded again. )
The base string is made up of three sections that are separated by ampersands as such:
(http method in caps) &(URL encoded request url excluding the query string)&(URL encoded, ordered param list)
Finally when comparing the oauth_signature to our digests we Base64 encode OUR digests. You could conversely Base64 DECODE the oauth_signature.
Upon doing this OUR digest is different from that passed in the oauth_signature.
Any assistance would be greatly appreciated.