I'm not surprised. A bit disappointed, but not surprised.
Have a look at the original OAuth specification sometime. Note how they misuse the word "key" to mean "identifier". I can't imagine that anyone writing a crypto specification wouldn't know that this would be confusing; I think it's more likely that the person just didn't care. Also, there's the fact that the whole thing could have been written as just a way of getting Basic authentication credentials, rather than making up a whole new authentication scheme.
And then there's the hashbang thing...
Thank you. I agree both of these show a casual disregard for "how the real world works", where not everyone is a "rock star", some are lowest common denominators using the web as best they can (and good for them for even trying!), and some just need to get things done.
Every extra exception you require in a user's mind makes your work and the web in general just that little bit less accessible.
That it is being done for "style" in an arena of notoriously unsophisticated users, really feels like a giant middle finger.
Kudos to Google for their style guide freeing up this particular "exceptions" pigeonhole from a JS programmer's mind, so she can use the synapse to get something done instead.
// Using JS in the real world since Netscape 2.0.
Google's examples show the hash bang after the query. Twitter put the query after the hash bang.