…with Google Data API's, I'm not sure what is specified in the OAuth spec.But Google OAuth paths look like this: "/accounts/OAuthGetRequestToken" -- and lowercasing that string causes Google to throw 'invalid_signature' errors.
…nature to authorization header.
private methods category.
Fix memory management and Objective C syntax issues: - release all retained ivars in dealloc - no longer set ivars through the '->' accessor - add properties for ivars with proper memory management rules Move C functions into class methods on TDOauth. Add private method prototypes into private interface. Remove the `chomp` method and use `componentsJoinedByString` with arrays to build parameter strings. Now we don't have to worry about our strings having a trailing '&'. Use format strings instead of chained mutable string calls to build parameter strings.
We found some service that required an HTTPS call on a GET. Typically this means our elegant API is slightly spoilt. I added an additional function to allow the scheme to be set because typically you don't need anything but HTTP for GET OAuth requests and well designed APIs should allow you to use 80% of their feature sets without bloat.