read OAuth 2 in Action - Yifan's Learning Journey

6 - OAuth 2.0 In the Real World
7 - Common client vulnerabilities
8 - Common Protected Resources Vulnerabilities
9 - Common authorization server vulnerabilities
10 - Common OAuth Tokens vulnerabilities
11 - OAuth Tokens
12 - Dynamic Client Registration
13 - User Authentication with OAuth 2.0
14 - Protocols and Profiles using OAuth 2.0
15 - Beyond Bearer Tokens
16 - Summary and conclusions