Integration with external auth, ideas welcome

[umputun]

We had at least a couple of request to allow auth with "existing users", see #206 #363

There are many confusions around this topic, but, generally speaking, I feel the pain - user would like to share their current auth method with the comment system. The primary issue (misunderstanding?) caused by external nature of remark42. Even if it runs on-premise, this is an entirely alien system, from the frontend point of view, running in an iframe. We had this discussion before (see #267) and decided to keep it external, and I think it was the right decision.

So, what can we do to help users with such integrations? One way is adding some ability to extend oauth2 for user's need. I mean we provide some custom oauth2 server/skeleton as a plugin/service, and the user adds his hooks. Frankly, I have no clear picture of how all of this may work, just a general idea.

Another way for brave users is to allow and document direct integration into web sites. Again, not sure how exactly they pass credentials and how remark42 can get auth, but in such case, some kind of auth sharing should be possible.

Pls share your bright ideas, maybe we can figure this out.

[umputun]

ping @Reeywhaar and @sw-double

[umputun]

With custom oauth2 server added to /go-pkgz/auth this probably will be the way to go