Task
Resolution: Unresolved
Normal
The metabrainz.org codebase contains OAuth support which is being used by the OfficeBrainz app that allows people to get into our building here in Barcelona (which is to say that we should not break this, since we need it to get into the building).
However, this code has largely not been checked over to ensure that we have the latest and greatest version of OAuth libraries and that our workflow is secure.
Part 1 of this ticket is to examine our workflow and to update any dependencies and to ensure that everything works as we expect.
Part 2 involves contacting Pieter Philippaerts at the University of Leuven to ask for a review of our OAuth implementation. I'll provide contact info when you get to this step. Pieter contacted MB initially with some issues in our MB-based OAuth flow which Yvan then fixed. We should make sure that our workflow is secure before we go much further. We should have it re-checked when we've finished all of the work that this rather long project will entail.