OAuth does the following:
The consumer requests a token from the server
The consumer then directs the user to a login page, passing the token with them
The user logs in and is redirected back to the consumer with an access token
The consumer takes the access token and requests the OAuth token to use with future secure requests
The OAuth token is retrieved, and the developer can now make secure requests by passing the token for validation