Add support for external email verification against OIDC login script. This will check local file for presence of email and log the user in if it is or deny them if it isn't.
This may happen if no group information is shared via OAuth2/OIDC but synchronization of user data is intended by WeKan administration. Without the patch the following exception is raised:
Error in OAuth Server: groups is not iterable
with this fix, Authentication via OAuth2 with Google is possible.
1.) token endpoint and userinfo-endpoint in Google are different, so you have to check that,
2.) request the scopes of the environment variable "process.env.OAUTH2_REQUEST_PERMISSIONS"
with this small little fix the login with google in oauth2-protocol gets possible :-)
I would be very happy about a master-merge
thank you in advance
Trying to configure wekan authenticating against LemonLDAP-NG, I used to read about errors like the following:
```
XXX: getUserInfo response: { sub: 'demoone' }
XXX: userinfo: { sub: 'demoone' }
{"line":"431","file":"oauth.js","message":"Error in OAuth Server: id is not defined","time":{"$date":1556286530412},"level":"warn"}
Exception while invoking method 'login' { stack: 'ReferenceError: id is not defined\n at Object.handleOauthRequest (packages/wekan-oidc.js:39:68)\n at OAuth._requestHandlers.(anonymous function) (packages/oauth2.js:27:31)\n at middleware (packages/oauth.js:203:5)\n at packages/oauth.js:176:5',
source: 'method' }
```
Looking at the sources, that error message seems to be right: we have several references to `id`, `uid`, `displayName` or `email`, which are not defined. Probably a typo, assuming we meant these to be strings.
Applying that patch, I confirm I can finally log in:
```
XXX: getUserInfo response: { sub: 'demoone' }
XXX: userinfo: { sub: 'demoone' }
XXX: serviceData: { id: undefined,
username: undefined,
fullname: undefined,
accessToken: 'e57dc4e9e81cc98c279db3ed08b1c72f',
expiresAt: 1556298699213,
email: undefined }
XXX: profile: { name: undefined, email: undefined }
```
All the credit goes to @pcurie .
