HarborForge.Backend/app/models/oidc_settings.py

from sqlalchemy import Column, Integer, String, Boolean, DateTime
from sqlalchemy.sql import func
from app.core.config import Base


class OidcSettings(Base):
    """Single-row (id=1) runtime OIDC configuration.

    When a row exists its non-empty fields override the OIDC_* env vars,
    so the provider can be configured from the admin UI without a redeploy.
    """
    __tablename__ = "oidc_settings"

    id = Column(Integer, primary_key=True, default=1)
    enabled = Column(Boolean, default=False, nullable=False)
    issuer = Column(String(255), nullable=True)
    client_id = Column(String(255), nullable=True)
    client_secret = Column(String(512), nullable=True)
    redirect_uri = Column(String(512), nullable=True)
    scopes = Column(String(255), nullable=True)
    post_login_redirect = Column(String(512), nullable=True)
    updated_at = Column(DateTime(timezone=True), server_default=func.now(), onupdate=func.now())