Support OAuth 2 based authentication

[kwin]

New feature, improvement proposal

Next to HTTP Basic Auth and TLS Certificates there should be support for OAuth tokens being retrieved first and then being sent along via Authorization: Bearer ... as defined in https://www.rfc-editor.org/rfc/rfc6750.

This requires additional requests for retrieving the token via a non-interactive or interactive OAuth flow.

[jiteshkhatri11]

This would be a valuable enhancement, especially for enterprise environments using modern artifact repository authentication.

A possible implementation approach could be introducing an OAuth authentication provider abstraction that retrieves and refreshes bearer tokens, while transporters consume them through standard Authorization: Bearer headers.

It may also be useful to support both:

• non-interactive flows (client credentials, service accounts)
• interactive/device flows for developer environments

I’d be interested in exploring this issue further and contributing a possible implementation.