OAuth2 / JWT / OpenID Connect for mocking auth... which isn't that different from doing it for real, actually.