I have some doubts about the implicit grant implementation.
The current implementation does not seem to provide a 'user approval page' hook for the implicit grant flow. So how can one ask the resource owner if he/she authorizes the access? The specification in the section on implicit grant states:
Krishna(B) The authorization server authenticates the resource owner (via the user-agent) and establishes whether the resource owner grants or denies the client's access request.