see http://oauth.net/

most sites are using version OAuth 1.0a (e.g. Twitter, MySpace, Google Data API including Youtube and Picasa), OAuth 2.0 is used by e.g. Facebook.

OAuth 1.0a requirements:

• OpenSSL: HMAC-SHA1 and RSA-SHA1, HMAC-SHA1 is more common, but RSA-SHA1 can be used for e.g. Google Data API
• in Qt: new class QOAuth, QAuthenticator is probably too limited; no change in existing public classes needed as I can see

OAuth 2 requirements:

• none that I could see now, OAuth version 2 was destined to be easier adoptable by developers, therefore no signing of requests is involved, it is just assumed that the endpoints are using SSL
• intercepting redirects and reading the fragment is currently done by facebook (http://developers.facebook.com/docs/authentication/desktop), looks like a hackish solution to me
• OAuth 2 is still a draft