Information about our OAuth implementation can be found here, with additional comments on the requirements for media here. Rather than trying to sign everything yourself I’d strongly recommend finding a client library that makes this easier. You can see the example upload traces in the Uploading Media guide (using twurl). By running twurl yourself with the -t parameter you’ll enable more detailed tracing which would output the OAuth headers.
