OAuth has grown to be indespensible in today's web ecosystem. And there's tons of libraries out there to help you (very easily) use the most providers. But I wasn't satisfied with just using those libraries. I wanted to know what made the whole system tick. This surprisingly harder than I expected it to be. And it's not because it's difficult, but rather because there seems to be a stigma that it is. And as a consequence most tutorials just show how to add OAuth using 3rd party libraries.
I scoured through the Twitter & Github docs to implement my own modules. Between them, they cover the OAuth1 an OAuth2 workflows. They handle everything from signing authorisation headers to verifying oauth tokens. I took me a while, but I'm proud of the outcome. And considering that theres a serious need to explain how the flow works, its safe to assume I'll write a tutorial on it soon.
In the mean time, test it out on repl (this one doesn't create a copy and has a hidden .env file).