Corentin
07d0b66fda
Ajoute un flow d'authentification OIDC via Authentik (ou tout IdP conforme),
desactive par defaut. Le code est dormant tant que OIDC_ENABLED=true n'est
pas pose.
Server :
- apps/server/src/core/auth/oidc/oidc.module.ts (nouveau)
- apps/server/src/core/auth/oidc/oidc.service.ts (discovery + PKCE + callback + JIT provisioning)
- apps/server/src/core/auth/oidc/oidc.controller.ts (routes /api/auth/oidc/{login,callback,status})
- apps/server/src/core/auth/oidc/oidc.service.spec.ts (8 tests Jest, openid-client mocke)
- apps/server/src/integrations/environment/environment.service.ts : +9 getters OIDC
- apps/server/src/core/core.module.ts : +OidcModule dans imports
Client :
- apps/client/src/features/auth/queries/oidc-query.ts (hook useOidcStatus)
- apps/client/src/features/auth/components/oidc-login-button.tsx (bouton conditionnel)
- apps/client/src/features/auth/components/login-form.tsx : +OidcLoginButton
Securite :
- PKCE S256 obligatoire
- State CSRF en cookie httpOnly signe (5 min)
- Verification JWKS auto via openid-client v6
- Refetch userInfo apres echange du code
- JIT provisioning strict par defaut (OIDC_AUTO_PROVISION=false)
Lib : openid-client v6.8.2 (deja en deps), import lazy.
Documente dans ACADENICE_PATCHES.md (Patch 002) et .env.example.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|---|---|---|
| .github/workflows | ||
| apps | ||
| packages | ||
| patches | ||
| .dockerignore | ||
| .env.example | ||
| .gitignore | ||
| .gitmodules | ||
| .npmrc | ||
| ACADENICE_PATCHES.md | ||
| crowdin.yml | ||
| docker-compose.yml | ||
| Dockerfile | ||
| LICENSE | ||
| nx.json | ||
| package.json | ||
| pnpm-lock.yaml | ||
| pnpm-workspace.yaml | ||
| README.md | ||
DocAdenice
Fork Acadenice de Docmost, customise pour formation-hub. Nom de marque temporaire en attendant le rebranding complet (logo, design system, manifest PWA). Voir
ACADENICE_PATCHES.mdpour la liste des patches custom appliques sur l'upstream.
Docmost
Open-source collaborative wiki and documentation software.
Website |
Documentation |
Twitter / X
Getting started
To get started with Docmost, please refer to our documentation or try our cloud version .
Features
- Real-time collaboration
- Diagrams (Draw.io, Excalidraw and Mermaid)
- Spaces
- Permissions management
- Groups
- Comments
- Page history
- Search
- File attachments
- Embeds (Airtable, Loom, Miro and more)
- Translations (10+ languages)
Screenshots
License
Docmost core is licensed under the open-source AGPL 3.0 license.
Enterprise features are available under an enterprise license (Enterprise Edition).
All files in the following directories are licensed under the Docmost Enterprise license defined in packages/ee/License.
- apps/server/src/ee
- apps/client/src/ee
- packages/ee
Contributing
See the development documentation
Thanks
Special thanks to;
Crowdin for providing access to their localization platform.
Algolia for providing full-text search to the docs.