Explore automatic verification for domains

[jplhomer]

As of https://github.com/rafter-platform/rafter/pull/45, we allow users to map domains via Rafter. However, it's likely that the service account is not a valid "owner" inside Webmaster Tools for that domain.

Our current workaround is to instruct the user to open up webmaster tools (link provided to them) and add the service account email as an owner (also provided to them).

While this works fine, we should also explore adding an OAuth flow, where Rafter takes care of adding the service account email to the list of owners on the property.

This would be done using the Site Verification API and a quick OAuth flow.

The biggest problem(s) with this:

• It only works if the user has already verified the domain through Google through e.g. Google Domains, adding a meta tag, or adding a DNS record. Rafter can't be of much help for that quite yet.
• Domains can be verified at the top level rafter.app or at subdomain levels demo.rafter.app. Unfortunately, we do not have any code logic that is able to determine whether the user entered a top-level domain or a subdomain... because that is actually trickier than it sounds 😬 This means we'd only be able to attempt to add a verified owner to the exact domain that the user added within Rafter, and I'm guessing that's not going to be the case in webmaster tools most of the time.

Initial exploration done here: https://github.com/rafter-platform/rafter/compare/domain-auth-verification

Cool writeup for pop-up oauth flow: https://dev.to/dinkydani21/how-we-use-a-popup-for-google-and-outlook-oauth-oci