In OAuth: use MAC-SHA1 or RSA-SHA1?

Concerning OAuth, what is the most suitable cryptography/encryption method to use HMAC-SHA1 or RSA-SHA1 ?

Thanks.

Solution

After looking, it's seems that HMAC is much faster and better in term of security even if the underlying hash function (SHA1) is broken, which is not the case when using RSA-SHA1.

How to log out of Synology SSO Server (OIDC)?
OAuth not working inside an iframe
BFF pattern for native apps in OAuth 2.0?
Why is PKCE `code_verifier` calculated server-side in BFF pattern?
Python Script Token Refresh Mechanism Problem for Spotify API
Laravel Passport Password Grant - Client authentication failed
Github, restricting third-party access to organizations
UiPath CLI - github deployment to uipath cloud
Why Does OAuth v2 Have Both Access and Refresh Tokens?
Facebook login message: "URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings."
Is is safe to store access token in session storage of client browser?
Why Google native oauth2 flow require client secret?
How to use the Requests OAuthlib with grant-type 'Client Credentials'?
How to get a Google OAuth 2 token for API testing
GitHub Clone with OAuth Access Token
Where to store the refresh token on the Client?
Data intent is null in Android using universal links/applinks using react-native-app-auth
Cognito: User Pool Client OAuth Scope Limitation
Yahoo! Fantasy API Maximum Count?
GitLab OAuth access token validity
Twitter request token invalid on iOS
Implementing OAuth 1.0 in an iOS
How to create oAuth in Instagram?
Swift (Xcode) REST API Connection using OAuth 1
MapMyFitness API OAuth questions
“That Microsoft account doesn’t exist” for Microsoft logins on Auth0
OAuth SignIn Cordova Firebase
Get user info via Google API
Unable to fetch userinfo using access_token from auth0
Implement OAuth 2.0 authorization against a 3rd party service for a mobile app