feat(699): redirect to OIDC issuer when local login is disabled (#741)

Author: dgraf-gh

src/main/java/com/dedicatedcode/reitti/controller/WebViewController.java

@@ -33,11 +33,14 @@ public String index(Authentication authentication, Model model) {
 
         return "index";
     }
-    
+
     @GetMapping("/login")
     public String login(Model model) {
-        model.addAttribute("oidcEnabled", oidcEnabled);
+        if (!localLoginEnabled && oidcEnabled) {
+            return "redirect:/oauth2/authorization/oauth";
+        }
         model.addAttribute("localLoginEnabled", localLoginEnabled);
+        model.addAttribute("oidcEnabled", oidcEnabled);
         return "login";
     }
 

src/main/resources/static/css/main.css

@@ -271,11 +271,13 @@ header {
     transform: translateY(20px);
     opacity: 0;
     transition: all 0.3s ease;
+    pointer-events: none;
 }
 
 .settings-menu.visible {
     transform: translateY(0);
     opacity: 1;
+    pointer-events: all;
 }
 
 .settings-menu-header {

src/main/resources/static/js/map-renderer.js

@@ -67,9 +67,8 @@ class MapRenderer {
                 shadowOpacity: 155,
                 pathWidth: 2,
                 pathOpacity: 35,
-                staticPathWidth: 2,
-                staticPathOpacity: 150,
-
+                staticPathWidth: 4,
+                staticPathOpacity: 200,
             },
             visits: {
                 minZoom: 12,
@@ -177,7 +176,8 @@ class MapRenderer {
                 right: 100,
                 left: 450
             },
-            duration: 2000,
+            maxZoom: 15,
+            duration: 1000,
             essential: true
         });
     }

src/main/resources/templates/login.html

@@ -148,7 +148,7 @@ <h1>Reitti</h1>
             Invalid username or password
         </div>
 
-        <form th:action="@{/login}" method="post" th:if="${localLoginEnabled}">
+        <form th:action="@{/login}" method="post" th:if="${localLoginEnabled != null && localLoginEnabled}">
             <div class="form-group">
                 <label for="username" th:text="#{login.username}">Username</label>
                 <input type="text" id="username" name="username" required autofocus>
@@ -166,8 +166,8 @@ <h1>Reitti</h1>
 
             <button type="submit" th:text="#{login.button}">Login</button>
         </form>
-        <div th:if="${oidcEnabled}">
-            <hr th:if="${localLoginEnabled}" style="margin: 30px 0; border: none; border-top: 1px solid var(--color-highlight);">
+        <div th:if="${oidcEnabled != null && oidcEnabled}">
+            <hr th:if="${localLoginEnabled != null && localLoginEnabled}" style="margin: 30px 0; border: none; border-top: 1px solid var(--color-highlight);">
             <a th:href="@{/oauth2/authorization/oauth}" style="text-decoration: none;">
               <button type="button" th:text="#{login.oauth.button}">Log in with OAuth</button>
             </a>

src/test/java/com/dedicatedcode/reitti/controller/WebViewControllerTest.java

@@ -0,0 +1,69 @@
+package com.dedicatedcode.reitti.controller;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.ui.ExtendedModelMap;
+import org.springframework.ui.Model;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+public class WebViewControllerTest {
+
+    @Test
+    void login_WithLocalLoginEnabled_ShouldShowLoginPage() {
+        // Given
+        WebViewController controller = new WebViewController(false, true, false);
+        Model model = new ExtendedModelMap();
+
+        // When
+        String result = controller.login(model);
+
+        // Then
+        assertEquals("login", result);
+        assertEquals(true, model.getAttribute("localLoginEnabled"));
+        assertEquals(true, model.getAttribute("oidcEnabled"));
+    }
+
+    @Test
+    void login_WithLocalLoginDisabledAndOidcEnabled_ShouldRedirectToOAuth() {
+        // Given
+        WebViewController controller = new WebViewController(true, true, true);
+        Model model = new ExtendedModelMap();
+
+        // When
+        String result = controller.login( model);
+
+        // Then
+        assertEquals("redirect:/oauth2/authorization/oauth", result);
+    }
+
+    @Test
+    void login_WithOnlyLocalLoginEnabled_ShouldShowLoginPage() {
+        // Given
+        WebViewController controller = new WebViewController(false, false, false);
+        Model model = new ExtendedModelMap();
+
+        // When
+        String result = controller.login(model);
+
+        // Then
+        assertEquals("login", result);
+        assertEquals(true, model.getAttribute("localLoginEnabled"));
+        assertEquals(false, model.getAttribute("oidcEnabled"));
+    }
+
+    @Test
+    void login_WithBothLoginMethodsDisabled_ShouldShowLoginPageWithoutOptions() {
+        // Given
+        WebViewController controller = new WebViewController(true, false, false);
+        Model model = new ExtendedModelMap();
+
+        // When
+        String result = controller.login(model);
+
+        // Then
+        assertEquals("login", result);
+        assertEquals(true, model.getAttribute("localLoginEnabled"));
+        assertEquals(false, model.getAttribute("oidcEnabled"));
+    }
+
+}