Public/pics
2
2
Fork 3
Code Issues 5 Pull Requests 1 Releases Wiki Activity

Add OIDC login support for external identity providers #56

Open
yorick wants to merge 2 commits from yorick/pics:add-oidc into master
pull from: yorick/pics:add-oidc
merge into: Public:master
Conversation 0 Commits 2 Files Changed 9 +222 -8

2 Commits

Author SHA1 Message Date
Yorick van Pelt
d631a07d3d Match OIDC users by sub claim, auto-enroll, sync admin from groups 
Switch from email-based OIDC matching to the stable `sub` claim.
Existing users are migrated by email on first login, new users are
auto-enrolled from OIDC claims, and admin status is synced from the
IdP's groups claim. Also expose oidc_sub on the admin edit-user page.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 20:04:22 +01:00
Yorick van Pelt
65d5cb62e5 Add OIDC login support for external identity providers 
Adds "Login with <provider>" as an alternative login method using the
jumbojett/openid-connect-php library. OIDC users must already exist in
the database (matched by email). Configurable via OIDC_PROVIDER_URL,
OIDC_CLIENT_ID, OIDC_CLIENT_SECRET, and OIDC_PROVIDER_NAME constants.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 20:03:20 +01:00