Would the staff consider a PR with a very basic (but complete) implementation of OAuth2 authentication for staff users? I’ve got a PoC plugging into the SSO adapter but the final thing would include:
- Authorization code flow login with PKCE for staff users
- Configuration to enable account creation on first login
- Configuration to read a specific claim for user role (e.g. Editor)
- Configuration to read a specific claim for user name
- Configuration to read a specific claim for user email
- Configuration to read a specific claim for user picture
- ???
Based on what I’ve tried so far I think the above is relatively easily done, however I am unsure how the maintainers would prefer it be published/integrated or whether they want something like this at all given they are working on it for Pro.
Thoughts?