Add OIDC admin config page with auto-signup toggle

Backend: add autoSignup field to OidcConfig, ClickHouse schema, repository, and admin controller. Gate OIDC login when auto-signup is disabled and user is not pre-created (returns 403). Frontend: add OIDC admin page with full CRUD (save/test/delete), role-gated Admin nav link parsed from JWT, and matching design system styles. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-14 13:56:02 +01:00
parent 377908cc61
commit 0c47ac9b1a
12 changed files with 802 additions and 14 deletions
--- a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/OidcConfigAdminController.java
+++ b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/OidcConfigAdminController.java
@@ -80,7 +80,8 @@ public class OidcConfigAdminController {
                request.clientId() != null ? request.clientId() : "",
                clientSecret,
                request.rolesClaim() != null ? request.rolesClaim() : "realm_access.roles",
-                request.defaultRoles() != null ? request.defaultRoles() : List.of("VIEWER")
+                request.defaultRoles() != null ? request.defaultRoles() : List.of("VIEWER"),
+                request.autoSignup()
        );

        configRepository.save(config);
@@ -134,6 +135,7 @@ public class OidcConfigAdminController {
        map.put("clientSecretSet", !config.clientSecret().isBlank());
        map.put("rolesClaim", config.rolesClaim());
        map.put("defaultRoles", config.defaultRoles());
+        map.put("autoSignup", config.autoSignup());
        return map;
    }

@@ -143,6 +145,7 @@ public class OidcConfigAdminController {
            String clientId,
            String clientSecret,
            String rolesClaim,
-            List<String> defaultRoles
+            List<String> defaultRoles,
+            boolean autoSignup
    ) {}
 }