I'm try to use your OAuth sample for microsoft account and it works well, but there are erros in description:
- Wrong files list to copy from solution (LogonAuthController.cs twice, AuthenticationStandartWithOAuth doesn't exists, forget AuthenticationOwin.web/security folder files)
- Missed using CustomAuthenticationStandardProvider description (sample is not working as described without it, and as result you could enter to OAuth registered users without password)
Yes, you are correct. The information in Readme of the How to: Use Google, Facebook and Microsoft accounts in ASP.NET XAF applications (OAuth2 demo) example is relevant for version 17.1. We will update it for newer versions.