Add OIDC login support for external identity providers

Adds "Login with <provider>" as an alternative login method using the jumbojett/openid-connect-php library. OIDC users must already exist in the database (matched by email). Configurable via OIDC_PROVIDER_URL, OIDC_CLIENT_ID, OIDC_CLIENT_SECRET, and OIDC_PROVIDER_NAME constants. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-14 16:08:45 +01:00
parent c862d14e45
commit a361df2668
5 changed files with 102 additions and 1 deletions
--- a/templates/LogInForm.php
+++ b/templates/LogInForm.php
@@ -63,5 +63,18 @@ class LogInForm extends SubTemplate
 								</div>
 							</div>
 						</form>';
+
+		if (!empty(OIDC_PROVIDER_URL))
+		{
+			$oidc_url = BASEURL . '/oidclogin/';
+			if (!empty($this->redirect_url))
+				$oidc_url .= '?redirect=' . base64_encode($this->redirect_url);
+
+			echo '
+						<div class="mt-4 text-center">
+							<hr>
+							<a class="btn btn-secondary" href="', htmlspecialchars($oidc_url), '">Login with ', htmlspecialchars(OIDC_PROVIDER_NAME), '</a>
+						</div>';
+		}
 	}
 }