OAuth System Properties

The OAuth system properties are automatically utilized during OAuth transactions when necessary. It is possible that not all would be used in a given case. For example, callbacks are not always used. These properties can be manually applied via the Message Editor or referred to in scripts:



The complete list of OAuth System Properties is:

  • oauth_callback (must have a value before composition is run for site setups that require this setting)
  • oauth_callback_confirmed (generated at runtime)
  • oauth_consumer_key (repository would contain the initial secret that would normally be part of site setup -- must have a value before composition is run)
  • oauth_nonce (generated at runtime)
  • oauth_signature (generated at runtime)
  • oauth_signature_method (must have a value before a composition is run; most likely HMAC-SHA1, RSA-SHA1, or PLAINTEXT but providers are allowed to define their own methods)
  • oauth_timestamp (generated at runtime)
  • oauth_token (discovered at runtime)
  • oauth_token_secret (established during the authentication process using the oauth_consumer_key and oauth_consumer_secret; a “new” token and secret are obtained from them)
  • oauth_verifier (discovered at runtime)
  • oauth_version (generated at runtime)

At the time CloudTest sends a message request to an OAuth site, oauth_consumer_key and oauth_token_secret are used to generate a signature (oauth_signature).

Responses are examined (oauth_token, oauth_token_secret, and oauth_verifier are values returned by the provider), until the access token has been determined to populate these properties. For responses, the returned values are in urlencoded form in the HTTP response.

Requests will be examined for usage of any of these parameters and the corresponding system property will be used to substitute those with updated values.