2
votes

Is it possible that I just verify oauth_signature only via a url?

I have the OAuth consumer secret, but I don't have the token secret. I'm in a position like a man-in-the-middle, but I don't want to change anything, just verify whether this OAuth request is valid or not. All I get is a simple URL containing standard things like:

  • oauth_consumer_key
  • oauth_token
  • oauth_signature_method (always HMAC-SHA1)
  • oauth_timestamp
  • oauth_nonce
  • oauth_signature.

Can I use these things to verify?

1 Answer

1
votes

You cannot check if the request is valid, as in authenticated; that would mean that you have managed to hack the OAuth provider, and this should not be possible unless you have managed to get hold of the consumer and token secret.

If you simply want to check if the request contains the needed parameters in a well-formed OAuth request, then you are almost there.

But the oauth_version parameter is also needed on all requests; it should always be 1.0 for a valid OAuth 1.0a request.

If the request is for an access token then an oauth_verifier should be there as well.

If the request is for a request token, then oauth_token is not needed.
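
As an added illustration (not part of the answer above), this Python sketch applies the answer's parameter checklist to a URL and recomputes the HMAC-SHA1 signature as RFC 5849 defines it, where the HMAC key is the consumer secret joined to the token secret. The function names, secrets, and sample URL are constructed for this example, and it assumes all OAuth parameters travel in the query string with a lowercase scheme and host.

```python
import base64, hashlib, hmac
from urllib.parse import urlsplit, parse_qsl, quote

def enc(s):
    # RFC 5849 section 3.6 percent-encoding: only unreserved characters stay literal
    return quote(s, safe="-._~")

def missing_params(url, kind="resource"):
    """Well-formedness only, using the parameter rules given in the answer."""
    present = {k for k, _ in parse_qsl(urlsplit(url).query, keep_blank_values=True)}
    required = {"oauth_consumer_key", "oauth_signature_method", "oauth_timestamp",
                "oauth_nonce", "oauth_signature", "oauth_version"}
    if kind != "request_token":      # request-token calls carry no oauth_token
        required.add("oauth_token")
    if kind == "access_token":       # access-token calls also carry oauth_verifier
        required.add("oauth_verifier")
    return sorted(required - present)

def signature(method, url, consumer_secret, token_secret):
    parts = urlsplit(url)
    # Every parameter except oauth_signature, encoded, then sorted by name and value
    params = [(enc(k), enc(v))
              for k, v in parse_qsl(parts.query, keep_blank_values=True)
              if k != "oauth_signature"]
    normalized = "&".join(f"{k}={v}" for k, v in sorted(params))
    base_uri = f"{parts.scheme}://{parts.netloc}{parts.path}"
    base = "&".join([method.upper(), enc(base_uri), enc(normalized)])
    # The HMAC key needs BOTH secrets; the consumer secret alone is not enough
    key = f"{enc(consumer_secret)}&{enc(token_secret)}".encode()
    digest = hmac.new(key, base.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()

def verify(method, url, consumer_secret, token_secret):
    sent = dict(parse_qsl(urlsplit(url).query)).get("oauth_signature", "")
    expected = signature(method, url, consumer_secret, token_secret)
    return hmac.compare_digest(sent.encode(), expected.encode())

# Constructed sample: the secrets and parameter values are made up for this example.
CONSUMER_SECRET, TOKEN_SECRET = "cs-example", "ts-example"
UNSIGNED_URL = ("https://api.example.com/photos?oauth_consumer_key=ck&oauth_token=tok"
                "&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1300000000"
                "&oauth_nonce=n1&oauth_version=1.0")
SAMPLE_URL = UNSIGNED_URL + "&oauth_signature=" + enc(
    signature("GET", UNSIGNED_URL, CONSUMER_SECRET, TOKEN_SECRET))
```

With both secrets `verify` succeeds on the sample URL; with the token secret replaced by an empty string it fails, even though the parameter check still passes.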