diff --git a/.gitignore b/.gitignore
index 6a64b8a43..6cd8f0f06 100644
--- a/.gitignore
+++ b/.gitignore
@@ -49,3 +49,4 @@ nbdist/
/komga/src/main/resources/public/
/komga/artemis/
/komga/lucene/
+application-oauth2.yml
diff --git a/.idea/runConfigurations/komga__bootRun__dev_localdb_noclaim.xml b/.idea/runConfigurations/komga__bootRun__dev_localdb_noclaim_oauth2.xml
similarity index 61%
rename from .idea/runConfigurations/komga__bootRun__dev_localdb_noclaim.xml
rename to .idea/runConfigurations/komga__bootRun__dev_localdb_noclaim_oauth2.xml
index f21603ea8..cd4deffe9 100644
--- a/.idea/runConfigurations/komga__bootRun__dev_localdb_noclaim.xml
+++ b/.idea/runConfigurations/komga__bootRun__dev_localdb_noclaim_oauth2.xml
@@ -1,26 +1,26 @@
-
+
-
+
-
+
- true
+ true
+ true
+ false
\ No newline at end of file
diff --git a/komga/src/main/kotlin/org/gotson/komga/infrastructure/configuration/KomgaProperties.kt b/komga/src/main/kotlin/org/gotson/komga/infrastructure/configuration/KomgaProperties.kt
index 350a5958e..d50184c1c 100644
--- a/komga/src/main/kotlin/org/gotson/komga/infrastructure/configuration/KomgaProperties.kt
+++ b/komga/src/main/kotlin/org/gotson/komga/infrastructure/configuration/KomgaProperties.kt
@@ -32,6 +32,8 @@ class KomgaProperties {
var nativeWebp: Boolean = true
+ var oauth2AccountCreation: Boolean = false
+
var database = Database()
var cors = Cors()
diff --git a/komga/src/main/kotlin/org/gotson/komga/infrastructure/security/oauth2/KomgaOAuth2UserServiceConfiguration.kt b/komga/src/main/kotlin/org/gotson/komga/infrastructure/security/oauth2/KomgaOAuth2UserServiceConfiguration.kt
index 299f6c14b..7f1126cdf 100644
--- a/komga/src/main/kotlin/org/gotson/komga/infrastructure/security/oauth2/KomgaOAuth2UserServiceConfiguration.kt
+++ b/komga/src/main/kotlin/org/gotson/komga/infrastructure/security/oauth2/KomgaOAuth2UserServiceConfiguration.kt
@@ -1,6 +1,11 @@
package org.gotson.komga.infrastructure.security.oauth2
+import mu.KotlinLogging
+import org.apache.commons.lang3.RandomStringUtils
+import org.gotson.komga.domain.model.KomgaUser
import org.gotson.komga.domain.persistence.KomgaUserRepository
+import org.gotson.komga.domain.service.KomgaUserLifecycle
+import org.gotson.komga.infrastructure.configuration.KomgaProperties
import org.gotson.komga.infrastructure.security.KomgaPrincipal
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
@@ -13,9 +18,13 @@ import org.springframework.security.oauth2.core.OAuth2AuthenticationException
import org.springframework.security.oauth2.core.oidc.user.OidcUser
import org.springframework.security.oauth2.core.user.OAuth2User
+private val logger = KotlinLogging.logger {}
+
@Configuration
class KomgaOAuth2UserServiceConfiguration(
private val userRepository: KomgaUserRepository,
+ private val userLifecycle: KomgaUserLifecycle,
+ private val komgaProperties: KomgaProperties,
) {
@Bean
@@ -34,9 +43,10 @@ class KomgaOAuth2UserServiceConfiguration(
val email = oAuth2User.getAttribute("email")
?: throw OAuth2AuthenticationException("ERR_1024")
- userRepository.findByEmailIgnoreCaseOrNull(email)?.let {
- KomgaPrincipal(it, oAuth2User = oAuth2User)
- } ?: throw OAuth2AuthenticationException("ERR_1025")
+ val existingUser = userRepository.findByEmailIgnoreCaseOrNull(email)
+ ?: tryCreateNewUser(email)
+
+ KomgaPrincipal(existingUser, oAuth2User = oAuth2User)
}
}
@@ -48,9 +58,16 @@ class KomgaOAuth2UserServiceConfiguration(
if (!oidcUser.emailVerified) throw OAuth2AuthenticationException("ERR_1026")
- userRepository.findByEmailIgnoreCaseOrNull(oidcUser.email)?.let {
- KomgaPrincipal(it, oidcUser)
- } ?: throw OAuth2AuthenticationException("ERR_1025")
+ val existingUser = userRepository.findByEmailIgnoreCaseOrNull(oidcUser.email)
+ ?: tryCreateNewUser(oidcUser.email)
+
+ KomgaPrincipal(existingUser, oidcUser)
}
}
+
+ private fun tryCreateNewUser(email: String) =
+ if (komgaProperties.oauth2AccountCreation) {
+ logger.info { "Creating new user from OAuth2 login: $email" }
+ userLifecycle.createUser(KomgaUser(email, RandomStringUtils.randomAlphanumeric(12), roleAdmin = false))
+ } else throw OAuth2AuthenticationException("ERR_1025")
}
diff --git a/komga/src/main/resources/application-dev.yml b/komga/src/main/resources/application-dev.yml
index 9a73694b6..7babe20da 100644
--- a/komga/src/main/resources/application-dev.yml
+++ b/komga/src/main/resources/application-dev.yml
@@ -12,6 +12,7 @@ komga:
# file-hashing: false
# delete-empty-collections: true
# delete-empty-read-lists: true
+ oauth2-account-creation: false
spring:
artemis:
embedded: