Non-admins fall through to the catch-all redirect instead of seeing
the OIDC settings page shell. Sidebar link, in-page guard and the
admin-only backend API remain as defense in depth.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
New admin page /settings/oidc to configure the OIDC provider (issuer,
client id/secret, redirect/callback URL, scopes, post-login redirect).
Prominently shows the callback URL to register at the IdP, current
status/source, and the read-only deploy-level OIDC-only flag. Secret
is write-only (blank = keep). Sidebar entry for admins.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- useAuthConfig fetches public /auth/config; LoginPage hides the
password form when oidc_only and shows an SSO button when enabled.
- /oidc/callback route applies the returned JWT (sign-in) or shows the
link result; oidc_error surfaced on LoginPage.
- UsersPage: hides password fields in OIDC-only mode; admin OIDC
bind/unbind UI per user. Sidebar self-service "Link OIDC account"
(non-OIDC_ONLY).
- Dockerfile ARG/ENV HARBORFORGE_OIDC_ONLY.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- New CalendarPage with daily view (date navigation, slot list) and plans tab
- Route /calendar added in App.tsx
- Sidebar entry added after Proposals
- Daily view: shows time slots with type, status, priority, duration, event data
- Distinguishes real vs virtual (plan) slots visually
- Plans tab: shows schedule plan rules with schedule parameters
- Milestone navigation now uses milestone_code instead of numeric id
- MilestoneDetailPage uses milestone.id (numeric) for project-scoped API calls
- App.tsx checks /config/status on backend first, falls back to wizard
- Added milestone_code to Milestone type
- Fixed MilestoneDetailPage to use fetched milestone.id for sub-queries
- Add routes for /meetings/:meetingId and /supports/:supportId in App.tsx
- Fix MilestoneDetailPage to navigate to code-first detail URLs
- Update table headers from '#' to 'Code' for supports/meetings lists
- Fix TypeScript types for supports/meetings (use any[] instead of Task[])
- MeetingDetailPage: full detail view with attend, transition, edit, delete
- SupportDetailPage: full detail view with take, transition, edit, delete
- Read HF_BACKEND_BASE_URL from localStorage in api client
- Refresh baseURL on each request interceptor
- Persist backend_url from wizard config during app bootstrap
- Persist backend_base_url after setup save
- App checks wizard API for harborforge.json config with initialized=true
- If not initialized, show embedded setup wizard (talks to wizard API via CORS)
- Setup saves config with initialized:true to wizard config volume
- After restart, backend reads config and starts, frontend sees initialized=true
- Remove VITE_API_BASE build arg (not needed, api.ts uses /api relative path)
- Fix Object.entries null crash in DashboardPage
- SetupWizardPage: step-by-step config (DB, admin, project)
- Connects directly to AbstractWizard via SSH tunnel (127.0.0.1)
- App.tsx: detect backend health, show wizard if not ready
- Auto-switch wizard to readonly after setup
- Add VITE_WIZARD_PORT build arg
- Add vite-env.d.ts for type safety
- Login page with JWT auth
- Dashboard with stats and charts
- Issues list with pagination, filtering
- Issue detail with comments, status transitions
- Create issue form
- Dark theme UI
- Docker (nginx) with API proxy to backend
- Sidebar navigation
