In version 8, this dependency is removed, and developers will be able to pick from IdentityServer or any other number of OpenId Connect and OAuth 2.0 implementations.
Ostensibly, these changes will make it easier to create and ship "simple" auth systems that do things like use social logins - and I look forward to trying them out as they become available.