Add an OAuth authorization flow
Description
Please add an OAuth authorization flow, similar to how other platforms.
Expected Behavior
Users would be able to authorize external services to manage their streams and other private settings, based on whatever the app requests.
This will require creating some extra pages in the user backend section, such as Applications (for developers), Authorized Apps (for revoking access to your data), figuring out a list of scopes (examples from twitch, facebook, trovo, dlive, youtube, streamlabs) and a set of documentation pages.
These guys seem to be claiming that their library is the bee's knees, not sure if it fits into OSP: https://github.com/lepture/authlib
For scopes, you can probably have scopes for:
- access username and email
- managing channels
-
- create
-
- update
-
-
- perhaps have separate scopes for various sections of channel data
-
-
- delete
- update stream title, thumbnail and other metadata
The result of the OAuth flow is an access token (probably JWT), which the API router reads and decides whether or not access should be given to create/update/delete user resources.