[feature request] Add support for Amazon Cognito authorization model

[zshamrock]

https://docs.aws.amazon.com/cognito/latest/developerguide/what-is-amazon-cognito.html

Currently trying to use existing "oauth2" and entering the values from

https://cognito-idp.us-east-1.amazonaws.com/<pool id>/.well-known/openid-configuration

it fails with the following error:

{"code":"BadRequest","message":"The server did not understand the operation that was requested.","type":"client"}

And the following request was constructed:

https://cognito-idp.us-east-1.amazonaws.com/<pool id>/authorize?client_id=<client id>&redirect_uri=http%3A%2F%2Flocalhost&response_type=code&state=<state>&scope=email%2Copenid&code_challenge=<challenge>&code_challenge_method=S256