Thanks for the question - in any creative project there are (unfortunately) topics that you simply can't cover within the constraints (time, space) of the project. Rather than cover many Spring Security-related topics at a high and semi-useful level, I made the design decision to select and explore fewer topics at a degree of detail that (I think) is unusual for most technical books. My intention was to allow the reader to come away with a better understanding of Spring Security 3, its architecture, and how it's put together, even if I don't cover the exact topic that you're looking for. This will hopefully help solve the problem that a lot of users new to the technology face, which is that they neither understand how it works, nor how to use the particular component they need to get their job done.
That said, I have a short list of supplementary tutorials I'd like to write up on my blog containing topics I didn't get to cover in this book, and I'll certainly add OAuth + Spring Security 3 to that list. Thanks for the suggestion!
Also (I'm sure you have seen this already), OAuth for Spring Security has a well-written user guide, certainly better than many Spring or Spring Security extensions at the moment.
Thanks for the question!
Author, Spring Security 3 (the Book), Packt Publishing, 2010