What are the characteristics of an OAuth token?

Question

How many characters long can an oauth access token and oauth access secret be and what are the allowed characters? I need to store them in a d

Answer 1

As most people already pointed out. The OAuth specification doesn't give you exact directions but they do say...

cited from: http://tools.ietf.org/html/draft-hammer-oauth-10#section-4.9

"Servers should be careful to assign shared-secrets which are long enough, and random enough, to resist such attacks for at least the length of time that the shared-secrets are valid."

"Of course, servers are urged to err on the side of caution, and use the longest secrets reasonable."

on the other hand, you should consider the maximum URL length of browsers:

see: http://www.boutell.com/newfaq/misc/urllength.html