[feature] Various OAuth improvements

[tsmethurst]

We've got various bits and bobs related to OAuth that could use some tlc.

This issue is meant to gather them together, since they tend to get a bit lost among the other issues.

• [ ] https://github.com/superseriousbusiness/gotosocial/issues/2523
• [ ] https://github.com/superseriousbusiness/gotosocial/issues/2227
• [ ] https://github.com/superseriousbusiness/gotosocial/issues/1573
• [ ] https://github.com/superseriousbusiness/gotosocial/issues/1081
• [ ] https://github.com/superseriousbusiness/gotosocial/issues/362
• [ ] https://github.com/superseriousbusiness/gotosocial/issues/313
• [ ] https://github.com/superseriousbusiness/gotosocial/issues/2225

[ThisIsMissEm]

I'd perhaps add here: RFC 8414, which allows for a /.well-known/oauth-authorization-server endpoint to disclose what features the given server supports / has available (gives the dynamic client registration endpoint, the scopes and grant types available, etc.