DigitalOcean Auth Provider (#351)

* DigitalOcean provider

* documentation: digitalocean provider

* changelog: digitalocean provider

* codeowners: digitalocean provider

docs/2_auth.md

@@ -20,6 +20,7 @@ Valid providers are :
 - [LinkedIn](#linkedin-auth-provider)
 - [login.gov](#logingov-provider)
 - [Nextcloud](#nextcloud-provider)
+- [DigitalOcean](#digitalocean-auth-provider)
 
 The provider can be selected using the `provider` configuration value.
 
@@ -320,6 +321,23 @@ to setup the client id and client secret. Your "Redirection URI" will be
 
 Note: in *all* cases the validate-url will *not* have the `index.php`.
 
+### DigitalOcean Auth Provider
+
+1. [Create a new OAuth application](https://cloud.digitalocean.com/account/api/applications)
+    * You can fill in the name, homepage, and description however you wish.
+    * In the "Application callback URL" field, enter: `https://oauth-proxy/oauth2/callback`, substituting `oauth2-proxy` with the actual hostname that oauth2_proxy is running on. The URL must match oauth2_proxy's configured redirect URL.
+2. Note the Client ID and Client Secret.
+
+To use the provider, pass the following options:
+
+```
+   --provider=digitalocean
+   --client-id=<Client ID>
+   --client-secret=<Client Secret>
+```
+
+ Alternatively, set the equivalent options in the config file. The redirect URL defaults to `https://<requested host header>/oauth2/callback`. If you need to change it, you can use the `--redirect-url` command-line option.
+
 ## Email Authentication
 
 To authorize by email domain use `--email-domain=yourcompany.com`. To authorize individual email addresses use `--authenticated-emails-file=/path/to/file` with one email per line. To authorize all email addresses use `--email-domain=*`.