[terpin]

The article doesn't really provide anything specific - oAuth is actually hard to implement and the reason for variations is typically down to both dev cycles and differing opinions on security elements.

We see a lot of openAuth implementations (we provide infrastructure for it: http://www.3scale.net) and we try to help people be uniform, but the spec still has room for interpretation.

I think there'll be convergence - things like http://www.ifttt.com/ will encourage people to the straight and narrow - but it'll take time. Agree with some of the other commenters - not sure how much this article really helps: a detailed laundry list might be better.