From f945d10d480f74a6f0a251cbac1dabb98250adef Mon Sep 17 00:00:00 2001 From: hsiegeln <37154749+hsiegeln@users.noreply.github.com> Date: Sun, 26 Apr 2026 18:57:09 +0200 Subject: [PATCH] feat(auth): AuthCapabilitiesResponse DTO --- .../app/dto/AuthCapabilitiesResponse.java | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 cameleer-server-app/src/main/java/com/cameleer/server/app/dto/AuthCapabilitiesResponse.java diff --git a/cameleer-server-app/src/main/java/com/cameleer/server/app/dto/AuthCapabilitiesResponse.java b/cameleer-server-app/src/main/java/com/cameleer/server/app/dto/AuthCapabilitiesResponse.java new file mode 100644 index 00000000..7466af68 --- /dev/null +++ b/cameleer-server-app/src/main/java/com/cameleer/server/app/dto/AuthCapabilitiesResponse.java @@ -0,0 +1,23 @@ +package com.cameleer.server.app.dto; + +import io.swagger.v3.oas.annotations.media.Schema; + +@Schema(description = "Authentication capabilities reported to the SPA so it can render the login page deterministically") +public record AuthCapabilitiesResponse( + @Schema(description = "OIDC interactive login capability") Oidc oidc, + @Schema(description = "Local username/password account capability") LocalAccounts localAccounts +) { + + @Schema(description = "OIDC interactive login") + public record Oidc( + @Schema(description = "Whether OIDC is configured AND enabled") boolean enabled, + @Schema(description = "Best-effort display label, e.g. \"Logto\", \"Keycloak\", \"Single Sign-On\"") String providerName, + @Schema(description = "When true, OIDC is the canonical entry point and the SPA hides the local form unless ?local is set") boolean primary + ) {} + + @Schema(description = "Local username/password accounts") + public record LocalAccounts( + @Schema(description = "Whether the local form is reachable at all") boolean enabled, + @Schema(description = "When true, the SPA gates the local form behind ?local with an admin-recovery banner") boolean adminRecoveryOnly + ) {} +}