Include all oauth_ headers in authorization header

[ewencp]

Fixes #26

[ewencp]

@linuxrocks123 Would you mind testing this re: your alternative fix for #26? I think this just generalizes things better wrt the OAuth spec without requiring further customization of the library and usage. Per the standard:

protocol parameters as well as any other parameter using the "oauth_" prefix SHALL be included in the request

Previously we had whitelisted some known oauth_-prefixed parameters, but really we should include everything with the right prefix. I think your case w/ the missing oauth_callback=oob would be handled with this generalization as well.

[linuxrocks123]

A quick look shows one potential issue: the URL encoding of Authorization headers is turned on in my patch (do_urlencode) and I'd imagine ETrade probably won't work unless you turn it on in yours, too. Also, I added a method for adding additional parameters to the query string (oauth_callback=oob in my case). I guess in your version I'd add that parameter to the base query string URL instead, and it would get parsed, but perhaps we'd want to add that method just in general since imo it's a little nicer API for if you're going for Authorization headers rather than query strings.

Of course I could be missing something here.

Oh, and, yes, I can test it, but I'd like to wait until I get a response from ETrade regarding why neither my current code nor their sample application works with the sandbox for v1 (I only have sandbox access right now). Once I get it working with the new version of the API, it'll be easier to test library changes without having too many moving parts at one time.

[linuxrocks123]

Ok, it works EXCEPT that you still need to set do_urlencode to true for authorization headers (line 481 of liboauthcpp.cpp). It does NOT work unless you do that.