* feat(server): add OIDC logout URL override option
- Added toggle and field consistent with existing mobile redirect URI override.
- Existing auto-discovery remains default.
- Update tests and docs for new feature.
* fix(server): changes from review for OIDC logout URL override
- Rename 'logoutUri' to 'endSessionEndpoint'
- Remove toggle, just use override if provided
- Moved field in settings UI
* feat(server): add configurable OAuth prompt parameter
Add a `prompt` field to the OAuth system config, allowing admins to
configure the OIDC `prompt` parameter (e.g. `select_account`, `login`,
`consent`). Defaults to empty string (no prompt sent), preserving
backward compatibility.
This is useful for providers like Google where users want to be prompted
to select an account when multiple accounts are signed in.
Discussed in #20762
* chore: regenerate OpenAPI spec and clients for OAuth prompt field
* Adding e2e test cases
* feat: web setting
* feat: docs
---------
Co-authored-by: Jason Rasmussen <jason@rasm.me>
* fix!: do not allow insecure oauth requests by default
* fix: format
* fix: make open-api
* fix: tests
* nit: casing
* chore: migration to allow insecure if current oauth uses http
* faces
* add openapi descriptions
* remove dto descriptions
* gen openapi
* dtos
* fix dtos
* fix more
* fix build
* more
* complete dtos
* descriptions on rebase
* gen rebase
* revert correct integer type conversion
* gen after revert
* revert correct nullables
* regen after revert
* actually incorrect adding default here
* revert correct number type conversion
* regen after revert
* revert nullable usage
* regen fully
* readd some comments
* one more
* one more
* use enum
* add missing
* add missing controllers
* add missing dtos
* complete it
* more
* describe global key and slug
* add remaining body and param descriptions
* lint and format
* cleanup
* response and schema descriptions
* test patch according to suggestion
* revert added api response objects
* revert added api body objects
* revert added api param object
* revert added api query objects
* revert reorganized http code objects
* revert reorganize ApiOkResponse objects
* revert added api response objects (2)
* revert added api tag object
* revert added api schema objects
* migrate missing asset.dto.ts
* regenerate openapi builds
* delete generated mustache files
* remove descriptions from properties that are schemas
* lint
* revert nullable type changes
* revert int/num type changes
* remove explicit default
* readd comment
* lint
* pr fixes
* last bits and pieces
* lint and format
* chore: remove rejected patches
* fix: deleting asset from asset-viewer on search results (#25596)
* fix: escape handling in search asset viewer (#25621)
* fix: correctly show owner in album options modal (#25618)
* fix: validation issues
* fix: validation issues
---------
Co-authored-by: Jason Rasmussen <jason@rasm.me>
Co-authored-by: Min Idzelis <min123@gmail.com>
Co-authored-by: Daniel Dietzler <36593685+danieldietzler@users.noreply.github.com>
Co-authored-by: Paul Makles <me@insrt.uk>
* feat: add oauth signing algorithm setting
* chore: open api
* chore: change default to RS256
* feat: test and clean up
---------
Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
* feat(server): support providers without support for custom schemas
* chore: unit tests
* chore: test mobile override
* chore: add details to the docs
