feat: Add TD Ameritrade positions syncing

[mgalgs]

This patch introduces a new config option, broker-positions-sync, which specifies broker authentication details in order to sync your positions from your broker automatically.

Currently only TD Ameritrade is supported.

Example:

# ~/.ticker.yaml
broker-positions-sync:
  td:
    access-token: "<your_token_here>"

You can get an access token manually with these instructions [1] or with the get_td_token.sh example script in this patch.

Fixes #115

[1] https://developer.tdameritrade.com/content/simple-auth-local-apps

---

This is currently a proof of concept. It's working as is but I've left it as a DRAFT for some additional cleanup if you're interested in merging this feature. The cleanup I'd still like to do is:

• [ ] Move the broker API stuff into a separate file and make it more generic so that other APIs can be easily added.
• [ ] Handle initial oauth token grant as well as token refreshing.
  • Have to decide how we want to handle SSL (see discussion on #115). Options on the table are (1) self-signed cert, or (2) secure tunnel (ngrok or similar). I'm leaning towards (2)...
  • Once this is done I'd also be able to rip out get_td_token.sh.

But I don't want to do that cleanup work unless you think this feature is worth including in ticker. Thanks for taking a look!

[cwarden]

Have to decide how we want to handle SSL (see discussion on #115). Options on the table are (1) self-signed cert, or (2) secure tunnel (ngrok or similar). I'm leaning towards (2)...

If you want to use a publicly accessible callback endpoint, another option is to have it send the browser to an http localhost URL. The force cli is an example of an application that used to do this. It used https://force-cli.herokuapp.com/auth/callback as the callback url, which would use javascript to get the auth token from the hash and redirect the user.

It's a bit annoying to have an open source application depend upon the availability and trustworthiness of a web page, but perhaps slightly better than a dependency on a service like ngrok.

[github-actions[bot]]

This pr is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days.

[github-actions[bot]]

This pr was closed because it has been stalled for 7 days with no activity.

[cwarden]

@achannarasappa is modifying .ticker.yaml, like the alpaca integration, the preferred method of integrating brokerage accounts with ticker?

[achannarasappa]

@cwarden thanks for opening this PR and apologies for the lack of feedback on this one.

When it comes to pulling in brokerage specific data, modifying .ticker.yaml seems like the right approach to me since position data retrieval seems a bit far afield from the original intent of ticker and these integrations can introduce a good bit complexity.

If you have other ideas on how best to extend ticker I'd be interested to hear those as well but for now, modifying the configuration file seems like the best option.