Author: 雅茹敬俐6999 | Source: Internet | 2023-08-24 18:57
Fixes #2043
Fixes Part of #1891
Fixes #641
Fixes #1858
Fixes #897
Fixes #1994
Fixes #1362
- probably more
Changes proposed in this pull request:
- [x] Deprecate disorganized components of old authentication system
- [x] Centralize system for extensions to register new authentication systems
- [x] Add extender to add an sso driver
- [x] Sso registration respects disabled signups.
- [x] Add new admin pane, allowing forum admins to:
  - [x] Enable/disable authentication providers
  - [x] Enable/disable signups (move from permissions pane)
  - [x] Enable/disable username/password registration
- [x] Add new user settings page, allowing users to link and unlink external auth providers from their account
- [x] Don't allow users to unlink sso providers if username/password authentication is disabled, and the account in question only has 1 linked provider.
- [x] Add a console command to re-enable username/password login (if SSO breaks we don't want to strand forum admin).
- [x] Add 'trust emails' feature. If a user is not logged in, and SSO returns the email of an existing user, an error message will be shown if this SSO Driver doesn't have 'trust emails' enabled in the admin pane. If trust emails is enabled for this driver, the SSO provider will be linked to the user's account.
- [x] Automatically display login buttons based off of meta method of driver.
- [x] Rewrite bundled extensions to use this new system
  - [x] Auth Github
  - [x] Auth Facebook
  - [x] Auth Twitter
- [x] Add integration tests for SSO extender methods/functionality test (relies on #2052)
- [x] Extensive manual tests
TO ADD AFTER STABLE
- Ability to test SSO providers in admin panel before enabling (shouldn't be too difficult)
- Add (non-accidental) support for linking multiple identifiers from a provider to a flarum user.
- Manage button meta appearance from auth settings pane
- Manage provider settings through auth settings pane?
- Add extender method, full support for multifactor authentication.
Reviewers should focus on:
- How should we standardize nomenclature? I.e., sso vs auth vs external auth? driver vs provider? Right now, it's kind of a mess of all these.
- Does the sso flow described in SsoController accurately describe what we want? If not, what should we change/improve?
- Any things I missed?
Screencasts
Disable username/password auth:
https://youtu.be/kN4XT8BwUIQ
Disabling all sso providers force enables user/pass auth
https://youtu.be/OvS1jxHj5QQ
Disabling signup:
https://youtu.be/TnwrDFgCqnM
Auth Panel controls buttons, Registration works
https://youtu.be/EQchPk7oQuc
Linking/unlinking accounts works
https://youtu.be/teHYWFbTzQY
Can't unlink last provider if username/password auth disabled
https://youtu.be/YcMkBNWORgY
SSO registration respects disabled signups:
https://youtu.be/UCYJWyJB07I
Confirmed
- [x] Frontend changes: tested on a local Flarum installation.
- [x] Backend changes: tests are green (run
).
This question comes from the open-source project: flarum/core
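The checklist rules for disabled signups, "trust emails" and the last-provider unlink guard, written out as a stand-alone decision model. This is an added example, not code from the pull request or from Flarum; every function name, array key and outcome string is hypothetical, and it assumes an identifier that is already linked simply logs that user in.

```php
<?php
declare(strict_types=1);

// Illustrative model only: all names, keys and outcome strings are hypothetical,
// not Flarum's API. Sample data at the bottom is constructed.

// Outcome of an SSO callback for a visitor who is not logged in.
// $links maps "driver:identifier" to a local user id; $usersByEmail maps email to user id.
function resolveSsoLogin(array $driver, string $identifier, string $email,
                         array $links, array $usersByEmail, bool $signupsEnabled): array
{
    $key = $driver['id'] . ':' . $identifier;
    if (isset($links[$key])) {
        // Assumption: an identifier that is already linked just logs that user in.
        return ['action' => 'login', 'user' => $links[$key]];
    }
    if (isset($usersByEmail[$email])) {
        // The provider returned the email of an existing account. Linking here gives
        // that account to whoever holds the email at the provider, so it happens
        // only when the admin has enabled "trust emails" for this driver.
        if (empty($driver['trust_emails'])) {
            return ['action' => 'error', 'reason' => 'email_belongs_to_existing_user'];
        }
        return ['action' => 'link_and_login', 'user' => $usersByEmail[$email]];
    }
    if (!$signupsEnabled) {
        // SSO must not become a way around disabled signups.
        return ['action' => 'error', 'reason' => 'signups_disabled'];
    }
    return ['action' => 'register'];
}

// Unlinking is refused when it would leave the account with no way to log in.
function canUnlink(int $linkedProviders, bool $passwordAuthEnabled): bool
{
    return $passwordAuthEnabled || $linkedProviders > 1;
}

// Constructed sample state.
$links = ['github:1001' => 7];
$users = ['alice@example.test' => 7, 'bob@example.test' => 8];
$strict = ['id' => 'twitter', 'trust_emails' => false];
$trusting = ['id' => 'github', 'trust_emails' => true];

echo json_encode(resolveSsoLogin($trusting, '1001', 'alice@example.test', $links, $users, false)), "\n";
echo json_encode(resolveSsoLogin($strict, '55', 'bob@example.test', $links, $users, true)), "\n";
echo json_encode(resolveSsoLogin($trusting, '56', 'bob@example.test', $links, $users, true)), "\n";
echo json_encode(resolveSsoLogin($strict, '57', 'new@example.test', $links, $users, false)), "\n";
var_dump(canUnlink(1, false), canUnlink(2, false), canUnlink(1, true));
```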
This isn't getting reviewed anytime soon, but no reason to close it either.