Apparently the way to get content from a Drupal site to another site/application is to use services. And also it would seem that using session based authentication is sooo last Drupal 6. So the recommended, yet not at all properly documented (like, anywhere), method is for an application to use 2-Legged OAuth authentication to authenticate and exchange data.

I spent some time getting angry at Drupal and OAuth and module makers and everyone who wouldn't provide a clear guide how to do this, and so now I have what I believe is a correctly working implementation (if it's not, please tell me where I'm wrong) I pass this information on to you dear reader.