feat: authorize with baseql session id + management of oauth parameters outside of callbacks