[PR #4831] [CLOSED] Implement OIDC_AUTO_REGISTER setting #6416

Closed
opened 2026-02-05 10:31:40 +03:00 by OVERLORD · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/BookStackApp/BookStack/pull/4831
Author: @AMDHome
Created: 2/6/2024
Status: Closed

Base: developmentHead: development


📝 Commits (1)

  • 68d8ff0 Implement OIDC_AUTO_REGISTER setting

📊 Changes

4 files changed (+33 additions, -5 deletions)

View changed files

📝 .env.example.complete (+1 -0)
📝 app/Access/Oidc/OidcService.php (+10 -5)
📝 app/Access/RegistrationService.php (+19 -0)
📝 app/Config/oidc.php (+3 -0)

📄 Description

Overview

This PR adds a setting for OIDC_AUTO_REGISTER. This behaves similar to the other third party authentication setting XXXX_AUTO_REGISTER.

Behavior

Defaults to true

When set to true everything behaves as it currently does. If an account does not exist for an OIDC login, then it will be automatically created for them. If it does exist then the user can log in.

When set to false, Oidc logins will fail if a user was not created beforehand. Failure message is set to auth.failed. In order to log in you must first create an account with another admin account and manually input the External Authentication ID.

Why this would be helpful

I work for a university, and our department would like to implement bookstack while using our university's authentication services to handle logins.

Problem is anyone affiliated with the university has a login, but I only want people from my department to have access to our bookstacks instance. Everyone at this university knows their own External Authentication ID so it makes it easy for us to create the accounts manually and control who has access.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/BookStackApp/BookStack/pull/4831 **Author:** [@AMDHome](https://github.com/AMDHome) **Created:** 2/6/2024 **Status:** ❌ Closed **Base:** `development` ← **Head:** `development` --- ### 📝 Commits (1) - [`68d8ff0`](https://github.com/BookStackApp/BookStack/commit/68d8ff0c853c85b6947fd68177923e6e6f628b55) Implement OIDC_AUTO_REGISTER setting ### 📊 Changes **4 files changed** (+33 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `.env.example.complete` (+1 -0) 📝 `app/Access/Oidc/OidcService.php` (+10 -5) 📝 `app/Access/RegistrationService.php` (+19 -0) 📝 `app/Config/oidc.php` (+3 -0) </details> ### 📄 Description ## Overview This PR adds a setting for OIDC_AUTO_REGISTER. This behaves similar to the other third party authentication setting XXXX_AUTO_REGISTER. ## Behavior Defaults to true When set to true everything behaves as it currently does. If an account does not exist for an OIDC login, then it will be automatically created for them. If it does exist then the user can log in. When set to false, Oidc logins will fail if a user was not created beforehand. Failure message is set to `auth.failed`. In order to log in you must first create an account with another admin account and manually input the **External Authentication ID**. ## Why this would be helpful I work for a university, and our department would like to implement bookstack while using our university's authentication services to handle logins. Problem is anyone affiliated with the university has a login, but I only want people from my department to have access to our bookstacks instance. Everyone at this university knows their own External Authentication ID so it makes it easy for us to create the accounts manually and control who has access. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
OVERLORD added the pull-request label 2026-02-05 10:31:40 +03:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/BookStack#6416