Add an OIDC client for authentication

[calummackervoy]

Describe the project you are working on

A protocol which allows users to use the same account in multiple games (just simple demos at this stage)... That's all the info that's needed for this issue but: https://calum.mackervoy.com/en/2021/04/23/mud.html

Describe the problem or limitation you are having in your project

Sharing identity between games is essential to sharing user data between games

Describe the feature / enhancement and how it helps to overcome the problem or limitation

(See previous)

Describe how your proposal will work, with code, pseudo-code, mock-ups, and/or diagrams

Fairly similarly to in Unity (https://docs.unity.com/authentication/en/manual/PlatformSignInOpenIDConnect). I.e. implementing the OIDC (client) specification (https://openid.net/specs/openid-connect-core-1_0.html) and providing it through a class AuthenticationService... probably as a singleton, but I'm talking about parts of Godot I haven't used

If this enhancement will not be used often, can it be worked around with a few lines of script?

We could implement this with a plugin

Is there a reason why this should be core and not an add-on in the asset library?

Because identity is a common need. OIDC in particular is becoming more and more popular in the web, and so it makes sense that it's becoming more common in the field of games

[calummackervoy]

I've implemented Solid-OIDC in Python before (https://git.startinblox.com/djangoldp-packages/django-webidoidc-provider) so I'm confident I could do this but I'd want to look for funding

[Calinou]

For reference, peer authentication support was added to the high-level multiplayer API in 4.0 by https://github.com/godotengine/godot/pull/67917.

The godot-proposals repository is intended for features to be added to the core engine, or through official add-ons. For community-developed add-ons, you don't have to open a proposal here :slightly_smiling_face:

Given this feature doesn't seem to be requested often (see the lack of activity here over the past month), I'd say this is best left to a community add-on.

[calummackervoy]

Thanks for the info on that PR. Looking at the code and the docs I can't figure out how identity is being authenticated, e.g. am I sending a password? I guess keys or something could be getting used as authentication? Some methods have "auth" in the name and auth_callback etc reminds me of OAuth

I understand your reasoning, I feel like it should possibly be a core feature because:

• identity is a common need
• it belongs with implementations of related authentication standards (like OAuth), which I think should be core features if/when supported
• it's a standard which is widely used (outside of Godot?)
• it should be used more. Using it more could be a good avenue to increasing user control over their identity, and reducing the responsibilities for multiplayer games

I guess the fact that it's a core feature in Unity isn't reason enough, but I've asked on their forum if someone could speculate why it is: https://answers.unity.com/questions/1945383/why-is-oidc-a-core-featurewhy-is-oidc-a-core-featu.html