Open to PR for Joplin Server SSO support?

(I posted this to Features, but I think it might've gotten buried.)

I guess this is kind of a feature question as well, I suppose. I want to self-host Joplin Server for my own use, but I use single sign-on for all my self-hosted apps.

Would maintainers be open to a PR adding OpenID Connect support to Joplin Server? The idea would be to have a "Or log in with single sign-on" link on the login page, then an "App Passwords" section of the user form/profile page. SSO users would then use the app passwords for authentication in the Joplin clients.

Just tinkering, I've got OIDC login working, but don't want to code up the app password hashing/storage/UI/&c. unless there's interest in a PR.

(As an aside, this came about bc I couldn't find an acceptable way to sync Joplin notes with the sync targets when using SSO. I use Seafile, which doesn't support SSO for WebDAV; there's no Android client that actively syncs filesystem to Seafile with SSO credentials, so I can't use filesystem sync; and Joplin Server doesn't yet support SSO.)

Bump? I'm willing to write this feature, just wanted to get feedback before sinking the time.

Hmm, I'm not sure. I guess that's a lot of work on client and server side? And I'm not sure we have the resources to review and maintain this code.

I'm using openid-client, so the actual SSO implementation is fairly minimal. The main part would be the app password handling, which I think would just need to link into the initial token endpoint for the API.

Really the only client-side change is in the profile page in the server portal, where users will be able to add/delete app passwords.

How widespread OpenID actually is? I remember creating an account a decade ago, but I've never used it much (in StackExchange only I think). Because any fearure we add is something that needs to be maintained forever afterwards, so if it's only for one or two users it doesn't make much sense.

It would also need to be optional since supporting this for example in Joplin Cloud would not be easy (since account creation is via Stripe).

Finally remember that it needs to work in mobile too. Many npm packages assume a Node environment which is not present in React Native.