audiobookshelf/test/server/auth
Boris Rybalkin d6cfdd3bec Add configurable OIDC group-to-role mapping
Currently OIDC group-based role assignment only recognizes groups named
'admin', 'user', or 'guest' (case-insensitive), and denies login when a
user's groups match none of them. This makes group-based roles unusable
with identity providers whose group names differ, and offers no way to
admit such users with a default role.

Add two optional server settings:
- authOpenIDAdminGroups: comma-separated group names mapped to the admin
  role, in addition to the built-in names.
- authOpenIDGroupDefaultRole: role assigned when no group matches,
  instead of denying login.

Both default to empty, preserving current behavior. Includes the auth
settings UI fields, en-us strings, and unit tests for setUserGroup.
2026-06-06 19:02:17 +01:00
..
OidcAuthStrategy.test.js Add configurable OIDC group-to-role mapping 2026-06-06 19:02:17 +01:00