Upgrade ScribeJava to latest version

[poikilotherm]

This is an implementation task for the salvation of #5974

---

With the current OAuth2 providers, you can only connect to specific providers. For using an IDM/IAM, we need a more general approach, more like mentioned in #4383.

These days, OpenID Connect defines a common standard based on OAuth2, where at least some scopes and claims are standardized. ScribeJava offers some (very) limited support for using the standard, so let's try this...

[poikilotherm]

I just created PR #5997.
@pdurbin could you please add this to code review? Before I add more unit tests, I would like to know if this goes into the right direction.

Beware, this is not yet tested "in the wild" against Github/Google. That's the next step... 😉

[pdurbin]

With the current OAuth2 providers, you can only connect to specific providers.

Yes. This reminds me of this issue: "As a Dataverse Installation Administrator, I want to add an alternative OAuth provider as a plugin, so that I don't have to fork the core code" #4383

@poikilotherm will your current effort help with this? You might be interested in the slide below about federated login presented by @philippconzett during the 2019 community meeting: https://osf.io/cqsrj/

A video of this talk is available: https://youtu.be/vAPpKuDQUDY?t=746

Before I add more unit tests

I don't see any tests yet in pull request #5997. 😄

[poikilotherm]

Hey @pdurbin

Yes. This reminds me of this issue: "As a Dataverse Installation Administrator, I want to add an alternative OAuth provider as a plugin, so that I don't have to fork the core code" #4383

@poikilotherm will your current effort help with this? You might be interested in the slide below about federated login presented by @philippconzett during the 2019 community meeting: https://osf.io/cqsrj/

I referenced #4383 in my description already... 😉 To answer your question: it might help. People need to attach their IDM to the other services. This is definitly possible, like it has been done with Unity IDM to connect to a lot more providers than currently exist in Dataverse (see b2access as an example, offering Win Live and Facebook)

I don't see any tests yet in pull request #5997. smile

I wasn't clear enough... There are currently no unit tests at all for the business logic of the OAuth stuff. Before I add any unit tests I would like to know if you guys like what you see... (I prefer test driven design, but I really need to get things done now 😉 .)