Indeed. There's nothing to suggest that OAuth is insecure - only that humans are easily confused!