[security] passing password on identification request?

[SitG Admin]

>But no matter what, even with oAuth I will need to log in using a 
>web browser at some point in order to get that key/secret 
>combination, won't i? Unless there are providers that offer 
>programmatic log in?

Yes, this is sort of the idea - your RP will use a server plugin that 
lets it act like a web browser to contact the OP (but only for 
discovery; login itself still has to take place with the user 
delivering authentication payloads).

-Shade