5

I'm new to Hyperledger Fabric development and I'm trying to make a user-friendly registration.
For example:
+ Using OAuth from a Google account.
+ Or using traditional email-password registration.

I've read the Hyperledger Fabric documentation and tried some of its examples. All I know is that the new identity creation process is like this:
1. Get an admin identity from the fabric-ca server, by using the fabric-ca client or the SDK.
2. Register a new identity using that admin identity.
3. Then the fabric-ca server will send back the new identity's ID and secret code (the so-called password).
4. The user will use that ID & secret code to enroll the new user, as well as create transactions, etc.

So, my questions are:

  1. What additional work should I do to make the registration/login process look like traditional OAuth or user/email registration?
  2. Where should I store the additional information of the user, like email, password, birthday, etc.?
    (I read this question before: User registration & login in Hyperledger fabric, so I think that there's a way to do it, but I have not figured it out yet.)

1 Answer

0

You can use LDAP for identity authentication and use MySQL or Postgres, any of these databases, to connect with fabric-ca. Since you will use LDAP, you will be able to do signup using normal email and password, and this is the recommended way to do it as per the Hyperledger Fabric docs.

The Fabric CA server can be configured to read from an LDAP server.

In particular, the Fabric CA server may connect to an LDAP server to do the following:

+ authenticate an identity prior to enrollment
+ retrieve an identity’s attribute values which are used for authorization.

Modify the LDAP section of the Fabric CA server’s configuration file to configure the server to connect to an LDAP server.

ldap:
   # Enables or disables the LDAP client (default: false)
   enabled: false
   # The URL of the LDAP server
   url: <scheme>://<adminDN>:<adminPassword>@<host>:<port>/<base>
   userfilter: <filter>
   attribute:
      # 'names' is an array of strings that identify the specific attributes
      # which are requested from the LDAP server.
      names: <LDAPAttrs>
      # The 'converters' section is used to convert LDAP attribute values
      # to fabric CA attribute values.
      #
      # For example, the following converts an LDAP 'uid' attribute
      # whose value begins with 'revoker' to a fabric CA attribute
      # named "hf.Revoker" with a value of "true" (because the expression
      # evaluates to true).
      #    converters:
      #       - name: hf.Revoker
      #         value: attr("uid") =~ "revoker*"
      #
      # As another example, assume a user has an LDAP attribute named
      # 'member' which has multiple values of "dn1", "dn2", and "dn3".
      # Further assume the following configuration.
      #    converters:
      #       - name: myAttr
      #         value: map(attr("member"),"groups")
      #    maps:
      #       groups:
      #          - name: dn1
      #            value: client
      #          - name: dn2
      #            value: peer
      # The value of the user's 'myAttr' attribute is then computed to be
      # "client,peer,dn3".  This is because the value of 'attr("member")' is
      # "dn1,dn2,dn3", and the call to 'map' with a 2nd argument of
      # "groups" replaces "dn1" with "client" and "dn2" with "peer".
      converters:
        - name: <fcaAttrName>
          value: <fcaExpr>
      maps:
        <mapName>:
            - name: <from>
              value: <to>

For more info, visit the Fabric-CA docs here.

Adarsha Jha
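The `map` behaviour described in the configuration comments above, modelled as an added example (not code from the answer or from Fabric CA); the function names and the sample directory are constructed. It also lists which LDAP values are not covered by the map, since those are kept as-is in the computed attribute ("dn3" in the comments' example).

```python
# Added example: models the map() behaviour described in the config comments.
# It is not Fabric CA code; function names and sample data are constructed.

# The 'maps' section from the comment example: map name -> {from: to}.
MAPS = {"groups": {"dn1": "client", "dn2": "peer"}}

# Constructed LDAP entries: user -> {attribute: [values]}.
DIRECTORY = {
    "alice": {"member": ["dn1", "dn2", "dn3"]},
    "bob": {"member": ["dn2"]},
    "carol": {},  # no 'member' attribute at all
}


def map_attr(entry, ldap_attr, map_name, maps=MAPS):
    """Return (converted_value, passed_through) for one LDAP entry.

    Values listed in the map are replaced; any other value is kept as-is,
    which is how "dn3" ends up in the result in the comment example.
    """
    if map_name not in maps:
        # Choice made by this model: fail loudly on a misspelled map name.
        raise KeyError(f"converter refers to undefined map {map_name!r}")
    table = maps[map_name]
    values = entry.get(ldap_attr, [])
    converted = [table.get(v, v) for v in values]
    passed_through = [v for v in values if v not in table]
    return ",".join(converted), passed_through


def audit(directory, ldap_attr, map_name, maps=MAPS):
    """Report, per user, the computed attribute and any unmapped raw values."""
    report = {}
    for user, entry in sorted(directory.items()):
        value, raw = map_attr(entry, ldap_attr, map_name, maps)
        report[user] = {"value": value, "unmapped": raw}
    return report


if __name__ == "__main__":
    for user, row in audit(DIRECTORY, "member", "groups").items():
        flag = "  <-- review: raw LDAP value kept" if row["unmapped"] else ""
        print(f"{user}: myAttr={row['value']!r}{flag}")
```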