> The thing is, you never really know off-hand if you're logged into the third-party (provider) or not without opening a second tab and going directly to the third-party's site
That's exactly right! But with OAuth, when you authenticate, you go directly to the login-form from the third party (assuming here that by third party you mean the party you have an account with)! Ideally, the client (the app you're using) doesn't even know where you (the user, via the user-agent, otherwise known as "browser") went to log in, it only knows the address of the authorization service (which does not need to be the same domain as the actual login server). That's the great thing about OAuth!
But for this to work, authentication must be performed in a reliable browser, hence the importance of the green URL bar in browsers: so you know you really are in the Google login page, not in some phishing website, when you enter your credentials.
That's exactly right! But with OAuth, when you authenticate, you go directly to the login-form from the third party (assuming here that by third party you mean the party you have an account with)! Ideally, the client (the app you're using) doesn't even know where you (the user, via the user-agent, otherwise known as "browser") went to log in, it only knows the address of the authorization service (which does not need to be the same domain as the actual login server). That's the great thing about OAuth!
But for this to work, authentication must be performed in a reliable browser, hence the importance of the green URL bar in browsers: so you know you really are in the Google login page, not in some phishing website, when you enter your credentials.