Why these guys? Well, Alex until recently was working at the University of Lincoln where they did a whole bunch of OAuth 2 work as auth for various API projects at the university. During this time he created the fully spec compliant CodeIgniter OAuth 2.0 Server, which was later replaced with a new generic PHP version for “The League of Extraordinary Packages”. It’s safe to say that Alex knows his shit when it comes to OAuth.
Zachary works for a different company on the same floor as Phil, and a client who shall remain nameless has been complaining about OAuth 2, for reasons that we both felt to be… well… silly. He’s been using Alex’s later library for several high-profile projects and is interested in the security angle.
Discuss this on Reddit.