Investigate oauth2 support in Discourse

[kallisti5]

Haiku now has a central identity provider. Investigate attaching Discourse to it via oauth2

[kallisti5]

https://github.com/discourse/discourse-oauth2-basic is the oauth2 plugin discourse provides.

[nielx]

I will have a look.

[kallisti5]

@nielx oh, by the way. I've already scripted out the user import tool for discourse.

https://github.com/haiku/infrastructure/blob/master/tools/sso/keycloak_discourse_import.rb

It looks if users already exist with a similar email or username is keycloak before importing them. To user it you'll give it your master realm account username and password.

For the input, you just have to export the users from discourse (it's a CSV)

There are a few pre-requisite steps of "gem install ..." to install a few used ruby gems. In theory you can run it multiple times and it will "figure it out and add new people as needed"

[kallisti5]

Overall, the onboarding process will likely be:

• Login
• "Forgot Password"
• Reset password
• Login

On thing that needs validated is the "linkage" between user identities in Keycloak vs the internal identities to ensure accounts remain linked.