Support OAuth flow for modules

[Julusian]

Is this a feature relevant to companion itself, and not a module?

• I believe this to be a feature for companion, not a module

Is there an existing issue for this?

• I have searched the existing issues

Describe the feature

Some modules use OAuth to authenticate against an API. This is done in varying ways, due to the complexities involved and it not fitting into our config model very well, as it involves navigating to a URL, and then storing a code that was returned.

The current recommended approach to OAuth is documented on the wiki: https://github.com/bitfocus/companion-module-base/wiki/OAuth

What can we do to simplify/streamline this for modules, to make the experience better for users?

Custom config field helper

A full approach could involve creating a new config field type, which would handle the abstraction of OAuth. It would handle showing/generation of all the necessary config fields for setting up OAuth, and provide them to the module as an object.

{
	type: 'oauth',
	id: 'myoauth',
	label: 'Authentication',
	width: 12,
	exchangeUrl: 'https://api.restream.io/oauth/token',
	authorizationUrl: 'https://api.restream.io/login',
	scopes: 'some scopes here',
},

with the resulting object looking like:

{
  clientId: '',
  clientSecret: '',
  accessToken: '',
  refreshToken: '',
}

As part of this component we could offer a button to open the completed authorizationUrl so that the user can go through the process.
We would also then handle receiving the code through a callback, and converting that into access and refresh tokens.

Some thought will need to go into the UX of this in the browser, and how that will work with saving the module config. But this would allow modules to massively simplify their OAuth usage, and make something that is consistent for the users.

Or keep it simpler with some other options to streamline some small portions:

A way for modules to 'open' a url for the user

Some modules are using open to open the authorizationUrl automatically for users. Perhaps we could provide a way for modules to request a url is opened for the user, which we can show as a prompt in the webui. That way it will work for users who are configuring remotely.

Usecases

No response

[Julusian]

This would work as after filling in the 'automatic' fields in the settings, an 'authorize' button will become enabled. Among these fields, would be a field showing the current callback url, which would be dynamic and use the same ip/hostname as the current browser window.
Clicking that will open a modal hosting an iframe which performs the auth.
The callback url can point to a simple page of ours, which can emit an event to report that the auth has finished, and will push the final tokens out to the still open settings panel.
Then the user can hit save and hand over the tokens we retrieved to the module.

Maybe we should also have a 'lighter' flow for this, where we let modules create these buttons without all the config fields, and we store the whole blob of json returned in a value. That way if there is an oauth like flow that doesn't fit what we have defined, modules can still do it themselves with our help to just help collect and store the tokens