Hi @Joo, welcome to the Atlassian developer community.
Can I use just one OAuth integration for both Jira Cloud and Jira server?
No, with 1 exception: OAuth 1.0a. This is same in both Cloud and Server/Data Center. But I strongly advise against using it. The guide documentation can be hard to follow and there isn’t a good foundation of reference documentation. In both Cloud and Server/Data Center there are desires to retire the technology (to be clear, desire is not a plan). Overall, I have worked with developers using OAuth 1.0a and it is painful for all involved.
Is there any review process for the OAuth integration?
Yes, for Jira Cloud. As described in the 3LO documentation, review is necessary for distributing 3LO apps.