Add support for device authorisation grant - see #302

Author: simonrob

emailproxy.config

@@ -155,6 +155,10 @@ documentation = Accounts are specified using your email address as the section h
 		attempts before the first valid login, pre-encrypting account entries is highly recommended. See the example
 		script at https://github.com/simonrob/email-oauth2-proxy/issues/61#issuecomment-1259110336.
 
+	- The proxy supports the device authorisation grant (DAG) OAuth 2.0 flow (RFC 8628), which may better suit headless
+	systems. To use this flow, set `oauth2_flow = device`. With this flow, the proxy receives authorisation responses
+	directly from the service provider, so no `redirect_uri` is needed. An example account configuration is given below.
+
 	Gmail customisation:
 	- The proxy supports the use of service accounts with Gmail for Google Workspace (note: normal Gmail accounts do not
 	support this method). To use this option, add an account entry as normal, but do not add a `permission_url` value
@@ -203,7 +207,7 @@ client_secret = *** your client secret here ***
 permission_url = https://#.microsoftonline.com/common/oauth2/v2.0/authorize
 token_url = https://#.microsoftonline.com/common/oauth2/v2.0/token
 oauth2_scope = https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/SMTP.Send offline_access
-client_id = *** your client id here - note that as you are not the administrator of Hotmail.com / Outlook.com, you will need to reuse an existing client ID (see the proxy's readme) ***
+client_id = *** your client id here - note that as you are not the administrator of Hotmail.com / Outlook.com, you will likely need to reuse an existing client ID (see the proxy's readme) ***
 redirect_uri = https://localhost
 
 [your.email@gmail.com]
@@ -230,6 +234,13 @@ redirect_uri = http://localhost
 client_id = *** your client id here - note that as new client registrations are not permitted for AOL, you will need to reuse an existing client ID (see the proxy's readme) ***
 client_secret = *** your client secret here ***
 
+[dag.flow.configured.address@outlook.com]
+permission_url = https://#.microsoftonline.com/common/oauth2/v2.0/devicecode
+token_url = https://#.microsoftonline.com/common/oauth2/v2.0/token
+oauth2_scope = https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/SMTP.Send offline_access
+oauth2_flow = device
+client_id = *** your client id here ***
+
 [ccg.flow.configured.address@your-tenant.com]
 documentation = *** note: this is an advanced O365 account example; in most cases you want the version above instead ***
 token_url = https://#.microsoftonline.com/*** your tenant id here ***/oauth2/v2.0/token