The past two weeks I was working in a proof of concept application for a customer of mine, implementing OAuth2 using ACS (Azure Access Control Service). These are the principal links I used.
First, links about what is OAuth, its history, etc:
OAuth (Open Authorization) is an open standard for authorization. It allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their credentials, typically username and password.
The Authoritative Guide to OAuth 1.0
The new OAuth 2:
OAuth in ACS and WCF:
Windows Azure AppFabric Access Control Service (ACS): WCF SWT/REST OAuth Scenario
Securing WCF Services with ACS
ACS (Azure Access Control Service) Added Support for OAuth 2.0 Protocol
This is the key web scenario example with code I studied :
It uses SWT (Simple Web Token) tokens to protect REST services. Read the setup to understand what it’s needed (Service Identity configuration) at Azure ACS.
The second key scenario example is desktop flow:
DataMarket OAuth Samples – Rich Client (2)
DataMarket OAuth Samples – Web Client
Again, these examples uses SWT
I found these last two examples at:
I should review the code at:
Code Sample: OAuth 2.0 Certificate Authentication
Access Control Service Samples and Documentation
I could extend example  to support a WinForm client.
Angel “Java” Lopez