Core Platform Team/Initiative/OAuth2/Epics, User Stories, and Requirements

Epic 1 - Add OAuth2 support to MediaWiki for use by web-based clients
Personas:


 * Server: wiki that is used as an OAuth identity provider
 * Admin: administrator of a wiki used as an OAuth identity provider
 * Client: client web application that uses a wiki as the OAuth identity provider
 * User: user of a client web application requesting authentication

Non-functional requirements:


 * OAuth 1.0 and OAuth 2.0 must be able to coexist
 * Code must be extensible to support API-based clients in Epic 2
 * Although the first test case is integration with Discourse, the MediaWiki code should not depend upon Discourse in any way

Epic 2 - Add OAuth2 support to MediaWiki for use by API-based clients

 * Implement internal classes for using OAuth 2.0 tokens in API calls
 * Add OAuth 2.0 as an optional authorization method for one first API (REST API, probably)
 * Add OAuth 2.0 as an optional authz method for Action API
 * Add OAuth 2.0 as an optional authz method for RESTBase
 * Interface for requesting, managing, and deleting API keys
 * Interface for users to list and delete tokens
 * Clear all OAuth 2.0 tokens when password changes
 * Clear all OAuth 2.0 tokens on request
 * Security review