I've been thinking about MediaWiki integration. We don't want to require every 3rd party tool to do an OAuth dance -- especially if a user is already logged in. I was talking to Ladsgroup about how we could borrow a user's logged-in status during MediaWiki integration and he suggested that we use a CSRF token.
This would make it so that we don't need to require users to do an OAuth dance every time they want to use JADE (submit a judgement, suppress a comment, etc.).