My war is winding down with OAuth

Summary of what's going on with OAuth:

1. create a OAuth consumer. Consumer is made up of:
   • application key
   • application secret
   • the url and path to the OAuth provider
2. create a request token:
   • this makes a call to the provider
   • the request token sends the callback URL to the provider
   • it seems like this expires pretty quickly (at least with Twitter)
   • therefore, I'll probably hold this in a session
   • once returned from the provider, you can redirect to the provider to complete the access
   • once access is granted, the provider will return the user to the callback URL you sent
3. create the access token:
   • this makes a call to the provider
   • the user is redirected from the provider to the callback URL
   • a querystring variable - `oauth_verifier` - is included with the callback URL
   • the `oauth_verifier` value is then sent back to the provider
   • the provider then returns an access token
   • the access token can hang around for a while and I'll save that in the database attached to the User model