OAuth Standard
Reading the standards that I always intended to read.
Library implementations
Related public exploits
Common misuse
How and where is it used in practice