refactor(OAuth2)!: Rewrite auth module (#661)

This is a rewrite of the OAuth2 module to address some bugs and inconsistencies. And since it changes the structure of the credentials, I'm marking this as a breaking change.

Note that you will have to update your existing credentials, that is if you wish to continue using them. Otherwise, simply delete them and sign in again.

examples/auth/README.md

@@ -8,22 +8,21 @@ Just like the official Data API, YouTube.js supports using your own OAuth2 crede
 The library supports signing in using YouTube TV's client id. This is the recommended way to sign in as it doesn't require you to create your own OAuth2 credentials.
 
 ```js
-// 'auth-pending' is fired with the info needed to sign in via OAuth.
+
+// Fired when waiting for the user to authorize the sign in attempt.
 yt.session.on('auth-pending', (data) => {
-    // data.verification_url contains the URL to visit to authenticate.
-    // data.user_code contains the code to enter on the website.
+  // data.verification_url contains the authorization URL.
+  // data.user_code contains the code to enter on the website.
 });
 
-// 'auth' is fired once the authentication is complete
+// Fired when authentication is successful.
 yt.session.on('auth', ({ credentials }) => {
-  // do something with the credentials, eg; save them in a database.
+  // Do something with the credentials, eg; save them in a database.
   console.log('Sign in successful');
 });
 
-// 'update-credentials' is fired when the access token expires, if you do not save the updated credentials any subsequent request will fail 
-yt.session.on('update-credentials', ({ credentials }) => {
-  // do something with the updated credentials
-});
+// Fired when the access token expires.
+yt.session.on('update-credentials', ({ credentials }) => { /** do something with the updated credentials. */ });
 
 await yt.session.signIn(/* credentials */);
 ```
@@ -56,7 +55,7 @@ await yt.session.oauth.removeCache();
 # Cookies
 
 > **Note**
-> This is not as reliable as OAuth2 as cookies expire and can be completely revoked at any time.
+> This is not as reliable as OAuth2. Cookies can expire and are not very secure.
 
 ```js
 const yt = await Innertube.create({

examples/auth/custom-oauth2-creds/index.ts

@@ -111,9 +111,11 @@ app.get('/login', async (req, res) => {
     await innertube.session.signIn({
       access_token: tokens.access_token,
       refresh_token: tokens.refresh_token,
-      expires: new Date(tokens.expiry_date),
-      client_id: clientId,
-      client_secret: clientSecret,
+      expiry_date: new Date(tokens.expiry_date).toISOString(),
+      client: {
+        client_id: clientId,
+        client_secret: clientSecret
+      }
     });
 
     await innertube.session.oauth.cacheCredentials();

examples/auth/yttv-oauth2.js

@@ -6,17 +6,17 @@ import { Innertube, UniversalCache } from  'youtubei.js';
     cache: new UniversalCache(false)
   });
 
-  // 'auth-pending' is fired with the info needed to sign in via OAuth.
+  // Fired when waiting for the user to authorize the sign in attempt.
   yt.session.on('auth-pending', (data) => {
     console.log(`Go to ${data.verification_url} in your browser and enter code ${data.user_code} to authenticate.`);
   });
 
-  // 'auth' is fired once the authentication is complete
+  // Fired when authentication is successful.
   yt.session.on('auth', ({ credentials }) => {
     console.log('Sign in successful:', credentials);
   });
 
-  // 'update-credentials' is fired when the access token expires, if you do not save the updated credentials any subsequent request will fail 
+  // Fired when the access token expires.
   yt.session.on('update-credentials', async ({ credentials }) => {
     console.log('Credentials updated:', credentials);
     await yt.session.oauth.cacheCredentials();