OXDEV-9880 Create basic skeleton

Author: TitaKoleva

composer.json

@@ -30,7 +30,11 @@
         "codeception/module-webdriver": "*",
         "oxid-esales/codeception-modules": "dev-b-7.4.x",
         "oxid-esales/codeception-page-objects": "dev-b-7.4.x",
-        "mikey179/vfsstream": "^1.6"
+        "mikey179/vfsstream": "^1.6",
+        "pragmarx/google2fa": "^v8.0.3",
+        "bacon/bacon-qr-code": "v3.0.1",
+        "league/oauth2-google": "4.0.1",
+        "league/oauth2-facebook": "2.2.0"
     },
     "minimum-stability": "dev",
     "prefer-stable": true,

src/Authentication/OAuth2/Service/Provider/ProviderInterface.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace OxidEsales\SecurityModule\Authentication\OAuth2\Service\Provider;
+
+use League\OAuth2\Client\Provider\AbstractProvider;
+use League\OAuth2\Client\Token\AccessTokenInterface;
+
+interface ProviderInterface
+{
+    /**
+     * Get the unique identifier of the provider (e.g., 'google', 'facebook').
+     */
+    public function getName(): string;
+
+    /**
+     * Get the underlying OAuth2 client (League provider instance).
+     */
+    public function getClient(): AbstractProvider;
+
+    /**
+     * Get the authorization URL to redirect the user for login/consent.
+     *
+     * @param string $state Random CSRF prevention token.
+     */
+    public function getAuthorizationUrl(string $state): string;
+
+    /**
+     * Exchange the authorization code for an access token.
+     */
+    public function getAccessToken(string $code): AccessTokenInterface;
+
+    /**
+     * Fetch user information (claims) from the provider using the access token.
+     * Should return standardized data: id, email, name, avatar, etc.
+     */
+    public function getUserInfo(AccessTokenInterface $token): array;
+
+    /**
+     * Validate the provider response.
+     */
+    public function validateToken(AccessTokenInterface $token): bool;
+}

src/Authentication/OAuth2/Service/ProviderCollectorInterface.php

@@ -0,0 +1,13 @@
+<?php
+
+/**
+ * Copyright © OXID eSales AG. All rights reserved.
+ * See LICENSE file for license details.
+ */
+
+namespace OxidEsales\SecurityModule\Authentication\OAuth2\Service;
+
+interface ProviderCollectorInterface
+{
+    public function getProviders(): iterable;
+}

src/Authentication/TwoFactorAuth/Service/TwoFactorAuthInterface.php

@@ -0,0 +1,15 @@
+<?php
+
+/**
+ * Copyright © OXID eSales AG. All rights reserved.
+ * See LICENSE file for license details.
+ */
+
+namespace OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service;
+
+interface TwoFactorAuthInterface
+{
+    public function generateQRCode(string $username): string;
+
+    public function generateOTPCode(): int;
+}