Skip to content

Implement OIDC authentification in project #3656

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Implement OIDC authentification in project #3656

wants to merge 6 commits into from

Conversation

@edwin-anne
Copy link

This pull request introduces OpenID Connect (OIDC) authentication support, including frontend settings management, backend configuration endpoints, and login integration. It also adds new database infrastructure for storing settings and updates dependencies to support OIDC. The following are the most significant changes:

OIDC Authentication Implementation

  • Added OIDC login flow to the login page, including a button to initiate OIDC authentication and logic to redirect users to the OIDC provider. (src/app/login/LoginForm.tsx) [1] [2] [3]
  • Implemented OIDC authorization and callback API routes for handling the OIDC authentication flow, exchanging tokens, and managing user sessions. (src/app/api/auth/oidc/authorize/route.ts, src/app/api/auth/oidc/callback/route.ts) [1] [2]
  • Updated SSO authentication route to simplify token handling. (src/app/api/auth/sso/route.ts) [1] [2]

Settings Management

  • Added a new OIDC settings page in the admin UI, allowing administrators to configure OIDC parameters such as issuer URL, client ID, secret, redirect URI, scopes, and username claim. (src/app/(main)/settings/OIDCSettingsPage.tsx, src/app/(main)/settings/oidc/page.tsx, src/app/(main)/settings/SettingsLayout.tsx) [1] [2] [3]
  • Created backend API endpoints for reading and updating OIDC settings, with validation and admin access control. (src/app/api/admin/oidc/route.ts)

Database Schema and Migrations

  • Added a new setting table to both MySQL and PostgreSQL databases for storing application settings, including OIDC configuration. (db/mysql/migrations/14_add_setting/migration.sql, db/postgresql/migrations/14_add_setting/migration.sql) [1] [2]
  • Updated Prisma schema to include the new Setting model for both MySQL and PostgreSQL. (db/mysql/schema.prisma, db/postgresql/schema.prisma) [1] [2]

Dependency Updates

  • Added required dependencies for OIDC support, including openid-client, jose, and oauth4webapi, and updated lock files accordingly. (package.json, pnpm-lock.yaml) [1] [2] [3] [4] [5] [6] [7] [8]
@vercel
Copy link

vercel bot commented Oct 17, 2025

@edwin-anne is attempting to deploy a commit to the umami-software Team on Vercel.

A member of the Team first needs to authorize it.
@greptile-apps
Copy link
Contributor

greptile-apps bot commented Oct 17, 2025

Greptile encountered an error while reviewing this PR. Please reach out to support@greptile.com for assistance.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

1 participant

@edwin-anne