cameleer/cameleer-server
1
0
Fork 0
Code Issues 42 Pull Requests Actions Packages Projects Releases Wiki Activity

Add OIDC login flow to UI and fix dark mode datetime picker icons
All checks were successful
CI / build (push) Successful in 1m16s
Details
CI / docker (push) Successful in 50s
Details
CI / deploy (push) Successful in 31s
Details

Browse Source 
- Add "Sign in with SSO" button on login page (shown when OIDC is configured)
- Add /oidc/callback route to exchange authorization code for JWT tokens
- Add loginWithOidcCode action to auth store
- Treat issuer URI as complete discovery URL (no auto-append of .well-known)
- Update admin page placeholder to show full discovery URL format
- Fix datetime picker calendar icon visibility in dark mode (color-scheme)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-03-14 14:19:06 +01:00
parent b024f83c26
commit 84f4c505a2
8 changed files with 208 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/OidcTokenExchanger.java
View File

@@ -21,11 +21,15 @@ import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.id.Issuer;
import com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata;
import net.minidev.json.JSONObject;
import net.minidev.json.parser.JSONParser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import java.io.InputStream;
import java.net.URI;
import java.net.URL;
import java.util.Collections;
import java.util.List;
import java.util.Map;
@@ -159,8 +163,15 @@ public class OidcTokenExchanger {
if (providerMetadata == null || !issuerUri.equals(cachedIssuerUri)) {
synchronized (this) {
if (providerMetadata == null || !issuerUri.equals(cachedIssuerUri)) {
Issuer issuer = new Issuer(issuerUri);
providerMetadata = OIDCProviderMetadata.resolve(issuer);
// Fetch the discovery document from the URI as-is — do not append
// .well-known/openid-configuration automatically, the user provides
// the complete URL.
URL discoveryUrl = new URI(issuerUri).toURL();
try (InputStream in = discoveryUrl.openStream()) {
JSONObject json = (JSONObject) new JSONParser(JSONParser.DEFAULT_PERMISSIVE_MODE)
.parse(in);
providerMetadata = OIDCProviderMetadata.parse(json);
}
cachedIssuerUri = issuerUri;
jwtProcessor = null; // Reset processor when issuer changes
log.info("OIDC provider metadata loaded from {}", issuerUri);