I wonder if we could proxy OAuth flows to notebooks. For example, a notebook could initiate an OAuth2 flow, Livebook handles it, and once it gets back, we notify the notebook which may approve or deny the request. The biggest concern though is that we need to have a static callback URL, so you would need to run Livebook internally at a fixed address?
If this is something you would like to work on, please reach out, I think it could open up interesting possibilities!
update: this specific issue is something I could work around differently: defining a user that has its own credentials within SF who can be used in the auth flow did the trick without any redirect needs!
If this is something you would like to work on, please reach out, I think it could open up interesting possibilities!