cameleer/cameleer-server
1
0
Fork 0
Code Issues 42 Pull Requests Actions Packages Projects Releases Wiki Activity

Add OIDC admin config page with auto-signup toggle
Some checks failed
CI / build (push) Successful in 1m12s
Details
CI / docker (push) Successful in 50s
Details
CI / deploy (push) Failing after 2m10s
Details

Browse Source 
Backend: add autoSignup field to OidcConfig, ClickHouse schema, repository,
and admin controller. Gate OIDC login when auto-signup is disabled and user
is not pre-created (returns 403).

Frontend: add OIDC admin page with full CRUD (save/test/delete), role-gated
Admin nav link parsed from JWT, and matching design system styles.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-03-14 13:56:02 +01:00
parent 377908cc61
commit 0c47ac9b1a
12 changed files with 802 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/OidcConfig.java
View File

@@ -11,6 +11,7 @@ import java.util.List;
* @param clientSecret OAuth2 client secret (stored server-side only)
* @param rolesClaim dot-separated path to roles in the id_token (e.g. {@code realm_access.roles})
* @param defaultRoles fallback roles for new users with no OIDC role claim
* @param autoSignup whether new OIDC users are automatically created on first login
*/
public record OidcConfig(
boolean enabled,
@@ -18,9 +19,10 @@ public record OidcConfig(
String clientId,
String clientSecret,
String rolesClaim,
List<String> defaultRoles
List<String> defaultRoles,
boolean autoSignup
) {
public static OidcConfig disabled() {
return new OidcConfig(false, "", "", "", "realm_access.roles", List.of("VIEWER"));
return new OidcConfig(false, "", "", "", "realm_access.roles", List.of("VIEWER"), true);
}
}