Firstly, very useful plugin. Thank you for the effort.
How does this differ from the OAuth specification (in terms of goal, not implementation)? In fact, why use a home-brewed solution when there are tested and proven solutions such as OAuth? Also, would developers not prefer to implement OAuth instead of a custom SSO service since it severly limits integration with future (potential) systems?