OAuth! For those who come late, OAuth is a “standard” using which you as a developer can allow the user of your application to access his/her data which lies as a protected resource on the internet, in a trustworthy manner. Let’s say some module of your application needs the user to post a social update on facebook(maybe you wrote a really cool game and also included the facility to publish individual scores on facebook) . Now the end user may not be so comfortable(its all about trust baby!) to share his/her credentials with your application to publish the scores, Using Oauth, in this scenario you can leverage your application to a trusted one to post those updates.

Working of Oauth is pretty widely available on the net so I would not like to get in that.
Oauth can be a pretty daunting task for the first time, most of the time you make a simple “signed” request to fetch the data being requested from a “protected resource” and this at first usually results in an error “Invalid Oauth Signature”. Now any data when tormented enough is sure to confess, so I am just here to give you a few clues what could have gone wrong,

1. Do NOT go ahead implementing the OAuth signature algorithm from scratch. There are a lot of libraries available out there, Use those wisely and use those well.
2. Avoid using hardcoded timestamps and hardcoded nonce strings in the signature base strings.
3. The last and the most IMPORTANT one, the parameters being passed in the signature base string should be “alphabatically arranged”. Same should be done when including those parameters to the url being requested. This looks trivial but is VERY IMPORTANT.