It Seems You *CAN* Sign JSON Requests with OAuth (Thanks OpenSocial)

As I am investigating possible ways to get IMS to move to more REST-style bindings, I came across this nice bit of information:

http://blog.opensocial.org/2009/04/important-oauth-signing-changes-coming.html

It was written back in 2009 (I hope the April 1 date does not mean it is a joke!) and describes how to post JSON structures and sign them using OAuth. It is already in place for iGoogle and orkut.

They have also already built client libraries for (Java, PHP, Python, Ruby)

This is very cool and *might* just be the REST-versus-SOAP breakthrough that we need.

Here is a spec for OAuth Request Body Hashing

Comments welcome – please.