swantzter
commented
4 years ago Hmm this might be trickier than initial research made it look like... Apparently fxa does some keypair generation shenanigans as mentioned in mozilla/send#1381
But perhaps its possible move that logic into send, or even simplify away the need for it somehow
As a non-Mozilla/Firefox-centric user, I would like to be able to use my own choice of account platform in order to authenticate users against my own user database.
OAuth2 seems like the most reasonable choice for this. It is essentially the defacto web standard for cross-site authentication and Firefox Accounts (FXA) seem to be essentially a mutated OAuth2 system.
My hope is that some of the existing account connection plumbing can be reused, but this is pending more experimentation with "standard" / 3rd party OAuth providers. -- Per a discussion on IRC, it seems unlikely that the entirety can be used, but my thoughts are that we can at least modify the existing FXA checks throughout the application and only renovate the existing login flow.