FEATURE: External auth when redeeming invites

This feature (when enabled) will allow for invite_only sites to require
external authentication before they can redeem an invite.

- Created hidden site setting to toggle this
- Enables sending invites with local logins disabled
- OAuth button added to invite form
- Requires OAuth email address to match invite email address
- Prevents redeeming invite if OAuth authentication fails

config/locales/client.en.yml

@@ -1013,6 +1013,7 @@ en:
         ok: "We will email you to confirm"
         invalid: "Please enter a valid email address"
         authenticated: "Your email has been authenticated by {{provider}}"
+        invite_email_auth_invalid: "Your invitation email does not match the email from {{provider}}"
         frequency_immediately: "We'll email you immediately if you haven't read the thing we're emailing you about."
         frequency:
           one: "We'll only email you if we haven't seen you in the last minute."
@@ -1025,7 +1026,7 @@ en:
         cancel: "Cancel"
         not_connected: "(not connected)"
         confirm_modal_title: "Connect %{provider} Account"
-        confirm_description: 
+        confirm_description:
           account_specific: "Your %{provider} account '%{account_description}' will be used for authentication."
           generic: "Your %{provider} account will be used for authentication."
 

config/site_settings.yml

@@ -327,6 +327,10 @@ login:
   enable_local_logins:
     client: true
     default: true
+  enable_invite_only_oauth:
+    client: true
+    default: false
+    hidden: true
   enable_local_logins_via_email:
     client: true
     default: true