Content
View differences
Updated by Oliver Günther over 1 year ago
<br>
**As** an OpenProject admin
**I want to** be able to configure OpenID provider using a user interface
**so that** I don't have to use a command line and can see potential errors more easily.
**Acceptance criteria**
* **Navigation**
* OpenID provider configurations are accessible under Administration -> Authentication -> OIDC providers
* **Index page**
* When no OIDC providers are setup show a BlankSlate
* When OIDC providers are setup show all complete and incomplete OIDC providers
* Show name, type, users, "created by" and "created on"
* When a provider is incomplete (see below required fields) show the "incomplete" tag
* **Add Button**
* The admin can add a new OIDC provider" by clicking on the "Add OIDC provider" button
* This button is a drop down like for adding a storage
* The dropdown shows following options
* Google
* Microsoft Entra
* Custom
* **Create form**
* Overview
* All sections are editable in the creation form
* Basic details
* Name Name, required and needs to be filled by admin
* Automatic configuration
* The user should be able to optionally use a Discovery endpoint
* After entering the URL, the form will fetch data from the OpenID Discovery endpoint
* After getting a successful response the form copies the fetched values into the form (see attributes above)
* After a unsuccessful response show an error message
* This endpoint will fill the inputs in the next section (Advanced configuration)
* Advanced configuration
* Show a info box when the information was supplied through automatic configuration
* The inputs are editable
* All inputs
* authorization\_endpoint (required)
* userinfo\_endpoint (required)
* token\_endpoint (required)
* end\_session\_endpoint
* jwks\_uri
* issuer (required)
* optiional logo
* Client Details
* Admin needs to fill "Client ID" and "Client Secret"
* "Limit self-registration" is optional
* Attribute mapping
* Optional definition of attributes in userinfo endpoint to map to OpenProject attributes
* login, email, first and last names
* When "Google" was chosen
* The Google discovery endpoint is already known. Therefore the UX should be simplified.
* Automatic and Advanced configuration sections are not shown
* When "Entra" was chosen
* An extra input called Tenant" (string - default value "common") is shown in "Basic details"
* Entra discovery endpoint can be constructed from tenant. By default it should be `common`.
* Admin should be able to change tenant.
**As** an OpenProject admin
**I want to** be able to configure OpenID provider using a user interface
**so that** I don't have to use a command line and can see potential errors more easily.
**Acceptance criteria**
* **Navigation**
* OpenID provider configurations are accessible under Administration -> Authentication -> OIDC providers
* **Index page**
* When no OIDC providers are setup show a BlankSlate
* When OIDC providers are setup show all complete and incomplete OIDC providers
* Show name, type, users, "created by" and "created on"
* When a provider is incomplete (see below required fields) show the "incomplete" tag
* **Add Button**
* The admin can add a new OIDC provider" by clicking on the "Add OIDC provider" button
* This button is a drop down like for adding a storage
* The dropdown shows following options
* Microsoft Entra
* Custom
* **Create form**
*
* All sections are editable in the creation form
*
* Name
* Automatic configuration
* The user should be able to optionally use a Discovery endpoint
* After entering the URL, the form will fetch data from the OpenID Discovery endpoint
* After getting a successful response the form copies the fetched values into the form (see attributes above)
* After a unsuccessful response show an error message
* This endpoint will fill the inputs in the next section (Advanced configuration)
* Admin needs to fill "Client ID" and "Client Secret"
* "Limit self-registration" is optional
* Attribute mapping
* Optional definition of attributes in userinfo endpoint to map to OpenProject attributes
* login, email, first and last names
* When "Google" was chosen
* The Google discovery endpoint is already known. Therefore the UX should be simplified.
* Automatic and Advanced configuration sections are not shown
* When "Entra" was chosen
* An extra input called Tenant" (string - default value "common") is shown in "Basic details"
* Entra discovery endpoint can be constructed from tenant. By default it should be `common`.
* Admin should be able to change tenant.