This paper presents the design and implementation of an authorization mechanism for MQTT-based Internet of Things (IoT). The design is based on OAuth 1.0a, which is an open authorization standard for web applications. Some redesign and modification have been made to the based framework to fit it within the MQTT environment. Several considerations are taken into account, including limited node resources, lack of node's user interface, and key/secret distribution and management. The design is implemented on a real MQTT-based IoT service platform and demonstrated that it works as intended. Authorization delay and message overhead are minimal. Security issues are analyzed along with discussion for future work.