I was using cl-oauth in project a while ago, and fixed/extended it to support what I needed – EG, using the Authorization header rather than passing OAuth params as GET/POST parameters.
Separate the location of the authorization parameters from the reques…
…t type – :AUTH-LOCATION can be either :HEADER (the default), or :PARAMETERS. Currently this is only done for OBTAIN-REQUEST-TOKEN.
Fix a place where we ended up with an octet vector instead of a string.
Refactored the creation of auth parameters into their own function.
Finished separating the auth-parameter location from the request method.
Don't mutate the URI that was passed in.
Fixed a bug where not passing a callback caused an error.
Generate actually random keys/secrets by default. Use base-36 to comp…
…ress the string as much as possible (save 7 bytes per value vs hexidecimal – which makes for _slightly_ nicer URLs)
Handle redirects after POST requests.
Add a message for assertion failure, to make it easier to find where …
…it went wrong.
Only map code-char over the body if it's not a string.
Removed unnecessary ampersand.
Bug fix for Hunchentoot 1.2.x.
Some of those would be nice to have :)
Somehow I missed this. Will review and merge RSN.