I have been meaning to share some of my thoughts on this but haven't had a chance. My apologies.
I think that OAuth really has to be broken out into two parts. The first part is the process to get a token and the second part is making the actual request.
IMO the application really has to handle the flow for getting a token so the approach I would take would probably include building a controller that could be leveraged to handle the oauth callback.
The second part is making the actual request. There are a variety of patterns that you could use here. I think overall though, that the important thing is that we should end up with the ability to have some sort of JHttp descendant that handles the OAuth part more or less transparently.
The idea being that with, for example, a JTwitter class, you could make any JTwitter OAuth request by simply injecting in a JHttpOAuth1 object instead of a regular JHttp object. That way you don't have to change JTwitter at all - you just swap in the JHttp object that knows how to inject in the OAuth token, and it does it.
Ian