OAuth account email merging

[romanalexander]

In a situation where an OAuth provider revokes your client id, all users using that SSO will be locked out- for example, if Twitch bans the application's client id. Currently if you sign up using Twitch OAuth then try to sign in using the same email through Google OAuth you will be prompted to make a new username. Multiple OAuths manually entered through /profile/authentication works properly.

Some considerations:

• Twitch returns a user entered case-sensitive email
• Google returns a lowercase email and supports wildcard addresses (like [email protected])that other providers may return
• Users may now already have duplicated accounts that needs to be resolved.