Browser auth is easier to dev and more secure because SSL is pre-established. Browsers tend to get security updates more often and have built in cert stores. Browsers are so central to an OS nowadays that path traversal is easier to set up, relative to individual apps.
If every application had to write this functionally, companies would have to redirect dev focus away from their core services and, most likely, would be shittier (for a number of reasons). It would also lead to more OS bloat.
On the other hand, if every app was a web app they'd be able to track you even better than they do now (at least regarding human interaction with the app itself); it's easy to set up an outbound block on an application that isn't a browser. On the other hand, installed apps can establish persistence. Like how Logitech does with its options software (I fucking hate this behavior btw).
- Note that I'm not disagreeing with your opinion, just trying to enrich it
This is the correct answer. Kodi+fen+RD is my choice but it requires a bit more maintenance.