[Compass Feature] Implement an OAuth2 provider backed by compass RBAC

[whi-tw]

Hullo,

There doesn’t seem to be a sensible way for feature requests for Compass proper, so I’m hoping to reach the right people here. Feel free to wontfix me if this isn’t the right place.

It feels like Compass should be able to provide an Oauth provider which members can use to secure access to their own applications (eg. Members’ sites, website administration etc) so this doesn’t have to be reimplemented for every application. This would allow for far more secure and trustable applications.

[AA-Turner]

I entirely agree. Equally it won't happen in Compass.

We could provide a "fake oauth" through this package, but we have the trust problem. Feel free to email me (my first dot last @ scouts.org.uk) or message me on the Scouts IT lab slack for more details

A

[whi-tw]

That’s kind of what I thought would be the case. I’ve just applied to join the group on Facebook (presumably that’s a step towards getting the slack url?)

[AA-Turner]

Ahh, sorry! I can email you the invitation link for slack?