Add multiple login support, fix Google-related login issues

[tms]

When the Google login got converted from OpenID to OAuth it introduced the big issue of tying the user authentication to the unreliable User.Email value, resulting in instances where the user changes their email and loses access to their account. Similarly, if the user was preexisting but had changed their email, their old OpenID auth claim wasn't recognized, and they too ended up with a new, incorrect account.

I moved Google OAuth auth claims to the now-generic UserAuthClaim table to associate the login to the user independent of the User.Email value. I also requested the additional upgrade information in the Google auth flow to tie the new claim to an existing OpenID claim for the same account, if one exists. This is just an extension of the token request, so it comes back as information we were already requesting if we ask for it.

To top things off, I refactored the login to also just allow for multiple login methods, since there wasn't really a good reason we weren't doing this before. This required some extra UI to display the multiple methods, so there's now a "My Logins" page in the user profile:

Related items on the todo list:

• Add ability to remove login methods
• Merge accounts that diverged because of above issue as necessary (manual work)
• Fix return URL not working with Google login
• Additional cleanup of the profile HTML and query management, since it's user-hostile right now

As a side note, the AD logins could have been worked in with this model as well, but I saw no point since it presumably works fine as-is and doesn't have the same problems referencing User.Email does.

[kenorb]

Related bug: Data explorer site created new jon.doe account, instead of logging me to the old one at Meta.SE

[wimglenn]

me too https://meta.stackexchange.com/questions/306567/how-do-i-get-into-my-data-stackexchange-com-account