- Create OAuth2ProvidersController to list available providers
- Update OAuth2ConnectController to support provider parameter
- Update OAuth2CallbackController to handle multi-provider callbacks
- Update app.ts to initialize OAuth2ProviderManager on startup
- Maintain backward compatibility with legacy single-provider mode
- Add health monitoring for all providers (60s intervals)
Application Integration:
- Update server/app.ts to initialize OAuth2Service on startup
* Conditional initialization based on VITE_USE_OAUTH2 flag
* OIDC discovery document fetching
* Comprehensive error handling and logging
* Graceful fallback if OIDC provider unavailable
UserController Updates:
- Support dual authentication (OAuth 1.0a and OAuth2)
- OAuth2 user session detection and retrieval
- Automatic token refresh when access token expires
- Unified user data format for both auth methods
- Enhanced logout to clear both OAuth 1.0a and OAuth2 sessions
- Comprehensive logging for debugging
Features:
- Seamless switching between auth methods via feature flag
- Backward compatibility maintained
- Automatic token refresh before expiry
- Session cleanup on logout
- Error handling with fallback to empty response
Next phase: Update frontend components for OAuth2 login flow
