OAuth 1 I'd agree with that statement (it's use of crypto gave it more pitfalls), but basic OAuth 2 is really not that bad. It's a few fairly straight-forward HTTP requests.
DNS.live does this for its free web and DNS hosting [1]. All you need to do is sign any post/api call with the private key associated with the address in control of your handshake tld.
5 comments
[ 4.5 ms ] story [ 20.2 ms ] threadhttps://indieauth.net/
An example is on github [2][3].
[1] https://dns.live/hosting.html
[2] Server: https://github.com/dnslive/dnslive-webserv
[3] Client: https://github.com/dnslive/dnslive-webhost