feat: add ldap and oidc sso (#500)

* wip: sso * feat: add ldap client and provider * feat: implement login form * feat: finish sso * fix: lint and format issue * chore: address pull request feedback * fix: build not working * fix: oidc is redirected to internal docker container hostname * fix: build not working * refactor: migrate to ldapts * fix: format and frozen lock file * fix: deepsource issues * fix: unit tests for ldap authorization not working * refactor: remove unnecessary args from dockerfile * chore: address pull request feedback * fix: use console instead of logger in auth env.mjs * fix: default value for auth provider of wrong type * fix: broken lock file * fix: format issue
2024-07-20 22:23:58 +02:00
parent 5da74ca7e0
commit dc75ffb9e6
27 changed files with 1112 additions and 189 deletions
--- a/turbo.json
+++ b/turbo.json
@@ -4,12 +4,40 @@
    "**/.env"
  ],
  "globalEnv": [
-    "DATABASE_URL",
-    "AUTH_DISCORD_ID",
-    "AUTH_DISCORD_SECRET",
-    "AUTH_REDIRECT_PROXY_URL",
+    "AUTH_LDAP_BASE",
+    "AUTH_LDAP_BIND_DN",
+    "AUTH_LDAP_BIND_PASSWORD",
+    "AUTH_LDAP_GROUP_CLASS",
+    "AUTH_LDAP_GROUP_FILTER_EXTRA_ARG",
+    "AUTH_LDAP_GROUP_MEMBER_ATTRIBUTE",
+    "AUTH_LDAP_GROUP_MEMBER_USER_ATTRIBUTE",
+    "AUTH_LDAP_SEARCH_SCOPE",
+    "AUTH_LDAP_URI",
+    "AUTH_OIDC_CLIENT_ID",
+    "AUTH_OIDC_CLIENT_NAME",
+    "AUTH_OIDC_CLIENT_SECRET",
+    "AUTH_OIDC_ISSUER",
+    "AUTH_OIDC_SCOPE_OVERWRITE",
+    "AUTH_LDAP_USERNAME_ATTRIBUTE",
+    "AUTH_LDAP_USER_MAIL_ATTRIBUTE",
+    "AUTH_LDAP_USERNAME_FILTER_EXTRA_ARG",
+    "AUTH_OIDC_AUTO_LOGIN",
+    "AUTH_PROVIDERS",
    "AUTH_SECRET",
-    "AUTH_URL"
+    "CI",
+    "DB_URL",
+    "DB_HOST",
+    "DB_USER",
+    "DB_PASSWORD",
+    "DB_NAME",
+    "DB_PORT",
+    "DB_DRIVER",
+    "DOCKER_HOSTNAMES",
+    "DOCKER_PORTS",
+    "NODE_ENV",
+    "PORT",
+    "SKIP_ENV_VALIDATION",
+    "VERCEL_URL"
  ],
  "ui": "stream",
  "tasks": {