Implement authentication via OpenIdConnect and OAuth2

The new subproject "oidc" handles all the details for working with an OpenID Connect provider (like keycloak) or only OAuth2 - only supporting the "Authorization Code Flow" for both variants.
2025-06-22 02:18:26 +00:00 · 2021-09-05 16:29:42 +02:00
parent 48b35e175f
commit b73c252762
17 changed files with 902 additions and 5 deletions
--- a/build.sbt
+++ b/build.sbt
@ -502,6 +502,24 @@ val backend = project
  )
  .dependsOn(store, joexapi, ftsclient, totp)

+val oidc = project
+  .in(file("modules/oidc"))
+  .disablePlugins(RevolverPlugin)
+  .settings(sharedSettings)
+  .settings(testSettingsMUnit)
+  .settings(
+    name := "docspell-oidc",
+    libraryDependencies ++=
+      Dependencies.loggingApi ++
+        Dependencies.fs2 ++
+        Dependencies.http4sClient ++
+        Dependencies.http4sCirce ++
+        Dependencies.http4sDsl ++
+        Dependencies.circe ++
+        Dependencies.jwtScala
+  )
+  .dependsOn(common)
+
 val webapp = project
  .in(file("modules/webapp"))
  .disablePlugins(RevolverPlugin)
@ -615,7 +633,7 @@ val restserver = project
      }
    }
  )
-  .dependsOn(restapi, joexapi, backend, webapp, ftssolr)
+  .dependsOn(restapi, joexapi, backend, webapp, ftssolr, oidc)

 // --- Website Documentation

@ -695,7 +713,8 @@ val root = project
    restserver,
    query.jvm,
    query.js,
-    totp
+    totp,
+    oidc
  )

 // --- Helpers