Using OAuth as an addition to traditional signup to get "VERIFIED" and "GUEST" accounts. #10072

@Gandalf-the-Grey

High level desired use case:

There's a chat related to some service that can authenticate via OAuth as an authoritative source for usernames.

Traditionally you can sign up as someuser1 with somename@do.main.com and use a few channels enabled for "guests" aka "unverified" users. The resulting name would be unverified-someuser1 to avoid a name conflict, and this is possible only if someuser1 doesn't already exist.

You can then use OAuth to authenticate and get verified status, which will allow you to get rid of the unverified- prefix on the username (without losing message history), get a "VERIFIED" badge, access other channels, gain the ability to initiate direct messaging, etc.

Rephrasing: unverified-username3 is allowed to be changed to username3 and get the VERIFIED badge after one successfully authenticates against OAuth (keeping the e-mail setting from traditional signup if OAuth doesn't provide one).

Obviously, dealing with tons of current users would be a problem (migrating them from someuser2 to unverified-someuser2).

Also, currently, signing up using OAuth only might be problematic for some of the features (like mail notification) in cases when OAuth doesn't provide an e-mail. In such a case it should fall back to the e-mail provided via traditional signup.
Possibly related to: #6528 and #6483

All that will help with phishing attempts abusing well-known usernames on the associated service, and thus might be valuable for #8284
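The guest-to-verified flow requested above, sketched as an added example (not code from the issue or from the project): `Account`, `Directory`, `signup` and `verify` are hypothetical names, and the OAuth claims are passed in as plain arguments. It assumes the verified name must equal the username the provider asserts, so that stripping the prefix cannot be used to take over someone else's name.

```python
from dataclasses import dataclass
from typing import Optional

PREFIX = "unverified-"  # guest prefix named in the issue

@dataclass
class Account:
    username: str
    email: Optional[str]
    verified: bool = False

class Directory:
    def __init__(self):
        self.accounts = {}  # username -> Account

    def signup(self, requested, email):
        """Traditional signup: always yields a prefixed guest account."""
        if requested.startswith(PREFIX):
            raise ValueError("requested name may not carry the guest prefix")
        name = PREFIX + requested
        # Per the issue: only possible if the bare name does not already exist.
        if requested in self.accounts or name in self.accounts:
            raise ValueError("username already taken")
        self.accounts[name] = Account(name, email)
        return self.accounts[name]

    def verify(self, guest_name, oauth_username, oauth_email=None):
        """Promote a guest after a successful OAuth login (claims passed in)."""
        acct = self.accounts[guest_name]
        if acct.verified:
            return acct
        # Assumption: the bare name must match what the provider asserts, so
        # "unverified-alice" cannot become "alice" by logging in as bob.
        if guest_name != PREFIX + oauth_username:
            raise PermissionError("OAuth identity does not match guest name")
        if oauth_username in self.accounts:
            raise ValueError("verified name already exists")
        del self.accounts[guest_name]
        acct.username = oauth_username          # same record, history stays attached
        acct.email = oauth_email or acct.email  # fall back to the signup e-mail
        acct.verified = True
        self.accounts[oauth_username] = acct
        return acct
```
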
