Oauth is becoming more and more common as a way for 3rd party applications to authenticate with a content source site. I have used it successfully once. The notes were essentially rolled in with the script that handled this.

Need to do it again,
will try to note better this time.

Step 1
-------------
Register your application with the service provider. They should have a form to do this.

After registering, they will give you a "OAuth Consumer Key" and a "Secret Key". Jot these down.

Step 2
------------
The oauth library uses httplib2:
http://code.google.com/p/httplib2/

sudo python setup.py install


Download and install the python oauth2 library here:
http://oauth.net/code/
https://github.com/simplegeo/python-oauth2

just download latest zip

or

git clone https://github.com/brosner/python-oauth2.git
(if you need git: http://git-scm.com/downloads)

sudo python setup.py install

verify:
python
Python 2.7.2 (v2.7.2:8527427914a2, Jun 11 2011, 14:13:39)
[GCC 4.0.1 (Apple Inc. build 5493)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import oauth2 as oauth

(DO NOT USE:
https://github.com/brosner/python-oauth2
)


Step 3
------------

From here, it is easier to describe the steps in code:


#authorize-step1.py

import urlparse
import oauth2 as oauth

# Create your consumer with the proper key/secret. These are supplied by the service provider when you register your application
consumer = oauth.Consumer(key="",
secret="")

# Request token URL for Service.
request_token_url = "http://api.discogs.com/oauth/request_token"

# Create our client.
token_client = oauth.Client(consumer)

# The OAuth Client request works just like httplib2 for the most part.
resp, content = token_client.request(request_token_url, "GET")
print resp
print content

# get a token for a user to use to authorize
request_token = dict(urlparse.parse_qsl(content))

authorize_url = "http://www.discogs.com/oauth/authorize"

print "for the user:"
print "Go to the following link in your browser:"
print "%s?oauth_token=%s" % (authorize_url, request_token['oauth_token'])
print
print "for the script:"
print "request_token = { 'oauth_token' : '%s', 'oauth_token_secret' : '%s' }" % (request_token['oauth_token'], request_token['oauth_token_secret'])


#After allowing, the callback url will be called with something like:
#http://www.charlesbrandt.com/?oauth_token=NDtzMglZ41N5SgLZzt3oI2iy8UzOFnQ5IqBY6jjxxLKcoTxsDD&oauth_verifier=p5HlJtw7sGaQsjiR0TlzSTIhYMfW14Ycqkm5EmjkR3JEBio8kh

#NEXT PHASE:

import urlparse
import oauth2 as oauth

#get this back
from consumer import consumer

#this would be stored with a local user:
#step 1 should print these out:
request_token = { 'oauth_token' : '2k3GDeGWSPBd2T1HLQ1Wydh1nQTypObtsN4eqOga3Abn2ssa0G', 'oauth_token_secret' : 'HdKo4HpQexlwSoOknEFbVuuGvwQRJBKWgkm0oDOQfrvQRobquj' }


#this should be returned via the callback url after the user allows access
oauth_verifier = 'wdGFAfNFqk3n8FFIrkf7h4zMUvoNPVwhNBSHPswDBHXx2DW1vN'

token = oauth.Token(request_token['oauth_token'],
request_token['oauth_token_secret'])

token.set_verifier(oauth_verifier)

client = oauth.Client(consumer, token)

access_token_url = "http://www.tumblr.com/oauth/access_token"
#GET vs POST varies based on service provider
resp, content = client.request(access_token_url, "POST")
print resp
print content


request_token = dict(urlparse.parse_qsl(content))

print request_token

print "now you can do stuff with this!"
print "keep it around for subsequent use"