barbercollie/ReadMeABook
1
0
Fork 1
mirror of https://github.com/kikootwo/ReadMeABook.git synced 2026-06-03 04:40:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add sourceHeaders and conditional OIDC groups

Browse Source 
Add support for passing sourceHeaders when fetching NZB/torrent files: extend AddDownloadOptions and SABnzbd AddNZBOptions, forward headers in sabnzbd and nzbget clients, and populate sourceHeaders in download-torrent.processor (injecting Prowlarr API key as X-Api-Key for proxy URLs). Make OIDC request scope conditional: only include the 'groups' scope when group-based access control or admin-claim is enabled (update provider logic, add tests, and update setup UI text). Also remove explicit take:100 in Plex processors and add CLAUDE guidance about requesting approval before implementing code changes.
This commit is contained in:
kikootwo
2026-03-09 10:33:52 -04:00
parent 9cb9d06144
commit 789a2e50ef
10 changed files with 92 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/lib/services/auth/OIDCAuthProvider.ts
+7 -1
View File
@@ -98,9 +98,15 @@ export class OIDCAuthProvider implements IAuthProvider {
timestamp: Date.now(),
});
// Only request 'groups' scope when group-based features are configured
const accessMethod = await this.configService.get('oidc.access_control_method');
const adminClaimEnabled = await this.configService.get('oidc.admin_claim_enabled');
const needsGroups = accessMethod === 'group_claim' || adminClaimEnabled === 'true';
const scope = needsGroups ? 'openid profile email groups' : 'openid profile email';
// Generate authorization URL
const redirectUrl = client.authorizationUrl({
scope: 'openid profile email groups',
scope,
state,
nonce,
code_challenge: codeChallenge,