I am trying to implement authentication using oAuth and using DotNetOpenAuth for this.
We have multiple REST web services to cater project requirement. There is one AuthenticationService, Customer Service, Order Service etc.
Consumer will authenticate the users using this Service and get Access Token from it. Now Consumer will a method on Customer Service and pass Access token.
Customer Service now wants to validate Access Token from Authentication Service.
I tried to capture Authorization Header sent by Consumer in Customer Service and tried to pass this to Authentication Service from Customer Service but it threw "signature not valid" error which seems correct because the URI used by consumer to build signature is of Customer Service but while validating this in Authentication Service actual request comes from Customer Service which is a different one.
Hope I am able to explain the problem.
How can I solve this problem?