I tinkered a bit with OAuth2 authentication lately and used https://github.com/Flowpack/Flowpack.OAuth2.Client as a base (thank your for that).
I built a first draft for Instagram Authentication on top of that package, while refining it I encountered 3 key problems however:
*) Using the package as base for my own authentication has the side effect of bringing a full fledged facebook configuration with it which I don't need (but which prevents me from using "allTokens" as strategy - unless I introduce a requestPattern to solve that)
*) I expect people will have a very hard time using this package as base due to lack of documentation - in my case afoeder kindly pasted me some details and ChristianM ( ) helped me out on some issues
*) There are multiple packages out atm (Christians Bootstrap Package https://github.com/neos/twitter-bootstrap, the GA plugin, etc.) and they all seem to have a different way of handling the authentication
The easiest way to continue for me would be putting the classes I need from the Flowpack.OAuth2 package into my own (interfaces, abstract), but package wise this would be a bad approach - I strongly agree with Dmitri on the fact that "Packages should serve a single purpose" in this case I could imagine a "Flowpack.OAuth2.Client" package that serves the single purpose of "Providing a base for implementing a custom OAuth2 authentication process" (which it actually could do very well with some tweaks)
Long story short: Is there something on the roadmap on how this should be handled in the future and what is the suggestion of the Neos team on how to continue.