feat: Social login with Steam / Open ID 2.0

[tbureck]

This pull request aims at adding support for social login for Steam and other Open ID 2.0-based providers.

Related issue(s)

This PR is related to #3631

Checklist

• I have read the contributing guidelines.
• (no DD) I have referenced an issue containing the design document if my change
  introduces a new feature.
• I am following the
  contributing code guidelines.
• I have read the security policy.
• I confirm that this pull request does not address a security
  vulnerability. If this pull request addresses a security vulnerability, I
  confirm that I got the approval (please contact
  security@ory.sh) from the maintainers to push
  the changes.
• I have added tests that prove my fix is effective or that my feature
  works.
• I have added or changed the documentation.

Further Comments

I have never worked with Go before, so I got into the basics. Please be gentle if I did something that is unusual for Go projects. :) I've looked at the implementation of OIDC to get going, thus most of the code should look somewhat familiar.

Like OIDC providers, OID2 providers need to be configured in the Kratos configuration. For Steam this might look like the following:

{
  "selfservice": {
    "methods": {
      "oid2": {
        "enabled": true,
        "config": {
          "providers": [
            {
              "id": "steam",
              "provider": "steam",
              "label": "Steam"
            }
          ],
          "base_redirect_uri": "http://localhost:3000/"
        }
      }
    }
  }
}

Current State of the PR

The registration flow is implemented until the point that a redirect to the provider is needed. Providers are configurable. The login flow exists as a mostly empty shell.

I've been struggling with testing in Go until now, support with that would be much appreciated..

The following things still need to be done:

• Registration callback/identity creation
• Login flow with implicit registration, if needed (like OIDC strategy)
• Settings flow with link/unlink feature
• Testing
• optional: use Steam Web API to get more than the user's Steam ID (e.g. display name)

Intermediate feedback would be much appreciated. 🙏

[CLAassistant]

All committers have signed the CLA.

[Jorgagu]

Hey @tbureck, you might want to look into the Ory Fosite framework for Go, especially for the Open ID 2.0 implementation. It mainly supports Open ID 1.0, but it could still be of some use.

Should you need any assistance, feel free to ask. I’m also learning Go, but happy to help if I can.

[tbureck]

Hey @tbureck, you might want to look into the Ory Fosite framework for Go, especially for the Open ID 2.0 implementation. It mainly supports Open ID 1.0, but it could still be of some use.

Should you need any assistance, feel free to ask. I’m also learning Go, but happy to help if I can.

Thanks for your offer of help!

The linked library supports Open ID 1.0 Connect, which is the successor of Open ID 2.0. Open ID 2.0 itself is considered obsolete as can be seen on the Open ID website.