As I am investigating possible ways to get IMS to move to more REST-style bindings, I came across this nice bit of information:
http://blog.opensocial.org/2009/04/important-oauth-signing-changes-coming.html
It was written back in 2009 (I hope the April 1 date does not mean it is a joke!) and describes how to post JSON structures and sign them using OAuth. It is already in place for iGoogle and orkut.
They have also already built client libraries for (Java, PHP, Python, Ruby)
This is very cool and *might* just be the REST-versus-SOAP breakthrough that we need.
Here is a spec for OAuth Request Body Hashing
Comments welcome – please.