A little love for x/oauth2

[cpu...@gmail.com]

I've recently worked a bit with oauth2 and noticed that issue tracker and PRs could use a little love. Quite a number of PRs have gone through Gerrit review without merging and the issues contain some imho valid points.

Is there a policy for maintaining x/oauth2 or putting it into slower maintenance-only mode?

Cheers,

Andi