madapes/madbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
madbase/.trae/documents/plan_20260311_230519.md

1.7 KiB
Raw Permalink Blame History

Implement Phase 5.1: Advanced Authentication

I will implement Extended OAuth Providers and Enterprise SSO (OIDC).

1. Extended OAuth Providers

Goal: Add support for Azure (Microsoft), GitLab, Bitbucket, and Discord.

  • Config: Update common/src/config.rs to read new env vars:
    • AZURE_CLIENT_ID / _SECRET
    • GITLAB_CLIENT_ID / _SECRET
    • BITBUCKET_CLIENT_ID / _SECRET
    • DISCORD_CLIENT_ID / _SECRET
  • Implementation: Update auth/src/oauth.rs:
    • Extend get_client with new provider URLs.
    • Extend fetch_user_profile with new user info endpoints and parsing logic.

2. Enterprise SSO (OIDC)

Goal: Implement OIDC support for enterprise identity providers (e.g., Okta, Auth0, Google Workspace).

  • Dependencies: Add openidconnect to auth/Cargo.toml.
  • Schema: Create auth.sso_providers table to store OIDC config per domain/project.
    • Columns: id, resource_id, domain, oidc_issuer_url, oidc_client_id, oidc_client_secret, created_at, updated_at.
  • Implementation: Create auth/src/sso.rs.
    • POST /auth/v1/sso: Accepts domain or provider_id. Discovers OIDC config, generates authorization URL.
    • GET /auth/v1/sso/callback: Handles the code exchange, fetches user info, creates/links user.

Execution Steps

  1. Update Config: Modify common/src/config.rs.
  2. Add Dependencies: Update auth/Cargo.toml.
  3. Schema Migration: Create migrations/20260312000001_add_sso.sql.
  4. Implement OAuth: Update auth/src/oauth.rs.
  5. Implement SSO: Create auth/src/sso.rs.
  6. Register Routes: Update auth/src/lib.rs.
Reference in New Issue View Git Blame Copy Permalink