From f6503103849e7b13c32449dd5a58d438545cdf4b Mon Sep 17 00:00:00 2001
From: Marc-Andrieu <marc.andrieu@outlook.com>
Date: Sun, 12 Jan 2025 14:32:55 +0100
Subject: [PATCH] Add PlankaAuthClient

---
 app/utils/auth/providers.py | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/app/utils/auth/providers.py b/app/utils/auth/providers.py
index ffbd896b1..057c0be38 100644
--- a/app/utils/auth/providers.py
+++ b/app/utils/auth/providers.py
@@ -400,3 +400,38 @@ def get_userinfo(cls, user: models_core.CoreUser):
             "email": user.email,
             "is_admin": is_user_member_of_an_allowed_group(user, [GroupType.admin]),
         }
+
+
+class PlankaAuthClient(BaseAuthClient):
+    """
+    An auth client for Planka, a Trello alternative for kanban boards
+
+    Docs for OIDC integration:
+    https://docs.planka.cloud/docs/Configuration/OIDC/
+    """
+
+    allow_pkce_with_client_secret: bool = True  # required to exchange OIDC code
+    allowed_scopes: set[ScopeType | str] = {
+        ScopeType.openid,
+        ScopeType.profile,
+    }
+
+    @classmethod
+    def get_userinfo(cls, user: models_core.CoreUser):
+        # Must match ^[a-zA-Z0-9]+((_|\.)?[a-zA-Z0-9])*$
+        username = unidecode.unidecode(
+            f"{user.firstname.strip()}.{user.name.strip()}",
+        ).replace(" ", "_")
+        username = re.sub(r"[^a-zA-Z0-9._]", "", username)
+
+        return {
+            "sub": user.id,
+            "name": get_display_name(
+                firstname=user.firstname,
+                name=user.name,
+                nickname=user.nickname,
+            ),
+            "preferred_username": username,
+            "groups": [group.name for group in user.groups] + [user.account_type.value],
+            "email": user.email,
+        }