{
  "context": "This criteria evaluates how well the engineer uses the oauth-sign package's PLAINTEXT signature method to implement OAuth credential verification functionality. The focus is on correct usage of the plaintext() function, proper handling of consumer and token secrets, and understanding of RFC 3986 encoding requirements.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Uses plaintext function",
      "description": "The implementation correctly imports and uses the plaintext() function from the oauth-sign package in the generateSignature function",
      "max_score": 30
    },
    {
      "name": "Correct parameter passing",
      "description": "The plaintext() function is called with the correct parameters in the correct order: plaintext(consumer_secret, token_secret)",
      "max_score": 25
    },
    {
      "name": "Handles empty secrets",
      "description": "The implementation correctly handles cases where token_secret is an empty string or missing, passing it appropriately to the plaintext() function",
      "max_score": 20
    },
    {
      "name": "Signature verification",
      "description": "The verifyCredentials function uses the plaintext() function to generate the expected signature and compares it with the provided signature",
      "max_score": 25
    }
  ]
}