I'm planning to implement OAuth2 for my site and so far have member creation handled but need to sign in if they've authenticated too, while still allowing standard login.

Reading through available documentation it says to extend

Authenticator

and

LoginForm

which makes sense however looking around at others OAuth implementation they haven't done this at all, it's quite different, and most are very old.

What I believe I should be doing is:

MemberAuthenticator:
  extensions:
    - PlatformMemberExtension
MemberLoginForm:
  extensions:
    - PlatformLoginForm

class PlatformAuthenticator extends MemberAuthenticator {
	protected static function authenticate_member($data, $form, &$success) {
		//custom code here
	}
}

class PlatformLogin extends MemberLoginForm {
	// Not sure what to add here?
}

Is this the right track or should I be doing it differently?