As a general note, Azure appears to have both SAML and OAuth flavors. D10297 / D10289 implement the OAuth flavors, and don't invoke the messy SAML problem. I'm not sure if these providers are equivalent or not.
@epriestley Sorry bringing up this ancient task. I am also interested in this Azure OAuth feature. Would you kindly point me to some third-party extension coding guideline/documents? I've dug around for the docs, but not found any.