Feat/discourse forum sso route

[jona159]

Type of Change

• Dependency upgrade
• Bug fix (non-breaking change)
• Breaking change
  • e.g. a fixed bug or new feature that may break something else
• New feature
• Code quality improvements
  • e.g. refactoring, documentation, tests, tooling, ...

Implementation

Requires these discourse settings:

enable_discourse_connect : true
discourse_connect_url : osem api route
discourse_connect_secret : shared secret

Add an api route to the app for the discourse discourse_connect_url setting and to implement this flow:

User opens Discourse
|
v
User clicks "Login"
|
v
Discourse creates a nonce and builds:
/api/discourse/sso?sso=...&sig=...
|
v
Browser redirect to osem
|
v
osem verifies sig using the shared secret
|
v
osem decodes sso and reads:
- nonce
- return_sso_url
|
v
Redirect to osem login and then back to the same SSO URL
|
v
osem builds response payload:
- nonce
- external_id
- email
- username
|
v
osem base64-encodes payload and signs it with the same secret
|
v
Browser redirect to:
return_sso_url?sso=...&sig=...
|
v
Discourse verifies signature and nonce
|
v
Discourse finds or creates the user
|
v
User is logged into the forum

Checklist

• I gave this pull request a meaningful title
• My pull request is targeting the dev branch
• I have added documentation to my code
• I have deleted code that I have commented out

Additional Information

• This PR closes #

[github-actions]

Coverage Report

Status	Category	Percentage	Covered / Total
🔵	Lines	68.94%	1767 / 2563
🔵	Statements	67.28%	1839 / 2733
🔵	Functions	69.63%	367 / 527
🔵	Branches	55.92%	949 / 1697

File Coverage

No changed files found.

Generated in workflow #2384 for commit b7288e2 by the Vitest Coverage Report Action

[scheidtdav]

Please check this potential break before merging

[scheidtdav]

I think this might break existing functionality right?