Add own OAuth server option for easier testing

[nuest]

The biggest hurdle right now possibly is the ORCID app registration.

To mitigate this additional requirement, we could add an OAuth2 server to the compose configuration, which always simply logs in a users with ORCID iDs on the ORCID sandbox server.

Advantage: This does not play around with the actual login and security and requires no changes in the login code.

When clicking on "Login", the user should be shown a minimal landing page and be allowed to pick a user from a list by clicking it. The available users would be

• author
• editor
• admin

and have the respective levels in the backend. That means the demo-OAuth-server needs access to the MongoDB and store these users in the database at startup.

Potential projects to use for the server implementation

• https://www.npmjs.com/package/oauth2-server
• https://www.npmjs.com/package/oauth2orize
• https://jlabusch.github.io/oauth2-server/
• https://github.com/patientsknowbest/fake-oauth2-server

[nuest]

Done - a while ago.