As a returning user with an approved account, I should be able to log in using pre-approved external credentials, such as Github or NCSA Kerberos.

Preconditions:

• User has previously signed-in with an approved CILogon IDP (creating a record in etcd for this user)
• Admin has approved user's access request (changing the status to "approved")

Primary flow:

• User selects "Sign in with ______" link (for some supported IDP)
• User is redirected to Oauth IDP for authentication, enters credentials
• On success, user is authorized to access NDS Labs and redirected to dashboard with a valid JWT

Alternate flows:

• Invalid credentials