Application passwords

[labkode]

As a user I want to generate a unique authentication token to act on my behalf with limited scope.
This token can be used in 3rd party applications or in case primary user credentials cannot be submitted to other parties.
Having such token allows for device-level controls. An example of my mail provider:

To achieve this functionality we need two tasks:

1. Implement an Auth Provider that consumes these tokens and gives back an authentication token on behalf of the user that generated it
2. A new API for create these tokens

@gmgigi96 will work on 1) and @ishank011 on 2).

[ishank011]

@labkode @gmgigi96 token minting and dismantling is handled in the gateway itself, so we don't need to delegate this to the auth provider. We just need to check that a user is present in the context and generate the token, else return an error.

I've created a PR to CS3APIs cs3org/cs3apis#127, will coordinate with @gmgigi96 on the changes in reva.

[ishank011]

To start with, we can have the following scopes for applications:

• resource (resourceInfo; role) (we can reuse the code in the current publicshare scope)
• share (share (user/public/OCM); role)

[labkode]

@ishank011 We still need the auth provider. We need a way to list these tokens and remove them from the user. We need an "app password" that will be converted to that token that is mint in the gateway.

I've discussed it this morning with @gmgigi96, we can have another chat tomorow