audiobookshelf/server
Boris Rybalkin d6cfdd3bec Add configurable OIDC group-to-role mapping
Currently OIDC group-based role assignment only recognizes groups named
'admin', 'user', or 'guest' (case-insensitive), and denies login when a
user's groups match none of them. This makes group-based roles unusable
with identity providers whose group names differ, and offers no way to
admit such users with a default role.

Add two optional server settings:
- authOpenIDAdminGroups: comma-separated group names mapped to the admin
  role, in addition to the built-in names.
- authOpenIDGroupDefaultRole: role assigned when no group matches,
  instead of denying login.

Both default to empty, preserving current behavior. Includes the auth
settings UI fields, en-us strings, and unit tests for setUserGroup.
2026-06-06 19:02:17 +01:00
..
auth Add configurable OIDC group-to-role mapping 2026-06-06 19:02:17 +01:00
controllers Add ignoreDuplicates for bookAuthor when renaming to respect unique index 2026-05-21 21:06:17 -07:00
finders Improved subtitle parsing to account for bare colon in title 2026-02-06 14:31:09 -05:00
libs Add fuse.basic.min.js in libs instead of full npm package, use lower threshold for quick matching 2025-06-13 17:23:24 -05:00
managers fix: set correct Content-Type for RSS feed audio files 2026-05-02 22:13:35 -04:00
migrations Rename migration to v2.35.0 & merge master 2026-04-30 16:08:24 -05:00
models Update Sequelize where query for User username/email case insensitive 2026-05-28 14:49:49 -05:00
objects Add configurable OIDC group-to-role mapping 2026-06-06 19:02:17 +01:00
providers Fix server crash on audible match #4931 2025-12-23 16:44:29 -06:00
routers Fix item_removed payload to include libraryId 2026-03-31 22:02:52 +03:00
scanner Cleanup abmetadata file parsing & fix server crash #5268 #4287 #5142 2026-05-27 17:33:14 -05:00
utils Fix typo on onTest notification body 2026-05-30 15:43:50 -05:00
Auth.js Add additional debug logs for OIDC login 2025-08-15 17:23:20 -05:00
Database.js Update API Keys to be tied to a user, add apikey lru-cache, handle deactivating expired keys 2025-06-30 14:53:11 -05:00
Logger.js Simplify log level determination 2025-03-08 12:46:36 -07:00
Server.js Update for nextjs client, pass all remaining requests through to nextjs 2025-09-28 09:41:15 -05:00
SocketAuthority.js Update socket events to check client is admin & validate log level 2026-05-12 16:57:28 -05:00
Watcher.js Add: generic function to ignor files 2025-02-22 12:28:51 -07:00