Public/pics
2
2
Fork 3
Code Issues 5 Pull Requests 1 Releases Wiki Activity

Add OIDC login support for external identity providers

Browse Source 
Adds "Login with <provider>" as an alternative login method using the
jumbojett/openid-connect-php library. OIDC users must already exist in
the database (matched by email). Configurable via OIDC_PROVIDER_URL,
OIDC_CLIENT_ID, OIDC_CLIENT_SECRET, and OIDC_PROVIDER_NAME constants.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Yorick van Pelt
2026-02-14 16:08:45 +01:00
parent b0ee3081a6
commit 65d5cb62e5
5 changed files with 102 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
config.php.dist
View File

@@ -34,3 +34,9 @@ const DB_LOG_QUERIES = false;
const SITE_TITLE = 'HashRU Pics';
const SITE_SLOGAN = 'Nijmeegs Nerdclubje';
// OIDC authentication (e.g. Kanidm). OIDC is enabled when OIDC_PROVIDER_URL is non-empty.
const OIDC_PROVIDER_URL = ''; // e.g. 'https://kanidm.example.com/oauth2/openid/pics'
const OIDC_CLIENT_ID = '';
const OIDC_CLIENT_SECRET = '';
const OIDC_PROVIDER_NAME = ''; // e.g. 'Kanidm' — used as button label