From 17892e64adda3ed2a5d6523a66d774978433dc28 Mon Sep 17 00:00:00 2001
From: DrummyFloyd <jonathan.monnet28@gmail.com>
Date: Fri, 31 Jan 2025 16:21:44 +0100
Subject: [PATCH] feat(oidc): use generic implementation

---
 .env.example                                  | 21 ++++----
 ...uthentik.provider.ts => oauth.provider.ts} | 51 ++++++++++++-------
 .../auth/providers/providers.factory.ts       |  6 +--
 apps/frontend/public/icons/authentik.svg      |  1 -
 apps/frontend/public/icons/generic-oauth.svg  |  9 ++++
 apps/frontend/src/app/layout.tsx              |  4 +-
 apps/frontend/src/components/auth/login.tsx   | 10 ++--
 ...hentik.provider.tsx => oauth.provider.tsx} | 14 ++---
 apps/frontend/src/middleware.ts               |  4 +-
 .../src/database/prisma/schema.prisma         |  2 +-
 .../src/helpers/variable.context.tsx          |  8 ++-
 11 files changed, 82 insertions(+), 48 deletions(-)
 rename apps/backend/src/services/auth/providers/{authentik.provider.ts => oauth.provider.ts} (54%)
 delete mode 100644 apps/frontend/public/icons/authentik.svg
 create mode 100644 apps/frontend/public/icons/generic-oauth.svg
 rename apps/frontend/src/components/auth/providers/{authentik.provider.tsx => oauth.provider.tsx} (65%)

diff --git a/.env.example b/.env.example
index 64252ba1..34eab615 100644
--- a/.env.example
+++ b/.env.example
@@ -1,6 +1,6 @@
 # Configuration reference: http://docs.postiz.com/configuration/reference
 
-# === Required Settings 
+# === Required Settings
 DATABASE_URL="postgresql://postiz-user:postiz-password@localhost:5432/postiz-db-local"
 REDIS_URL="redis://localhost:6379"
 JWT_SECRET="random string for your JWT secret, make it long"
@@ -20,7 +20,6 @@ CLOUDFLARE_BUCKETNAME="your-bucket-name"
 CLOUDFLARE_BUCKET_URL="https://your-bucket-url.r2.cloudflarestorage.com/"
 CLOUDFLARE_REGION="auto"
 
-
 # === Common optional Settings
 
 ## This is a dummy key, you must create your own from Resend.
@@ -32,7 +31,7 @@ CLOUDFLARE_REGION="auto"
 #DISABLE_REGISTRATION=false
 
 # Where will social media icons be saved - local or cloudflare.
-STORAGE_PROVIDER="local" 
+STORAGE_PROVIDER="local"
 
 # Your upload directory path if you host your files locally, otherwise Cloudflare will be used.
 #UPLOAD_DIRECTORY=""
@@ -40,7 +39,6 @@ STORAGE_PROVIDER="local"
 # Your upload directory path if you host your files locally, otherwise Cloudflare will be used.
 #NEXT_PUBLIC_UPLOAD_STATIC_DIRECTORY=""
 
-
 # Social Media API Settings
 X_API_KEY=""
 X_API_SECRET=""
@@ -91,8 +89,13 @@ STRIPE_SIGNING_KEY_CONNECT=""
 # Developer Settings
 NX_ADD_PLUGINS=false
 IS_GENERAL="true" # required for now
-AUTHENTIK_OIDC="false"
-AUTHENTIK_URL=""
-AUTHENTIK_CLIENT_ID=""
-AUTHENTIK_CLIENT_SECRET=""
-AUTHENTIK_SCOPE=""
+NEXT_PUBLIC_POSTIZ_OAUTH_DISPLAY_NAME="Authentik"
+NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL="https://raw.githubusercontent.com/walkxcode/dashboard-icons/master/png/authentik.png"
+POSTIZ_GENERIC_OAUTH="false"
+POSTIZ_OAUTH_URL="https://auth.example.com"
+POSTIZ_OAUTH_AUTH_URL="https://auth.example.com/application/o/authorize"
+POSTIZ_OAUTH_TOKEN_URL="https://auth.example.com/application/o/token"
+POSTIZ_OAUTH_USERINFO_URL="https://authentik.example.com/application/o/userinfo"
+POSTIZ_OAUTH_CLIENT_ID=""
+POSTIZ_OAUTH_CLIENT_SECRET=""
+# POSTIZ_OAUTH_SCOPE="openid profile email" # default values
diff --git a/apps/backend/src/services/auth/providers/authentik.provider.ts b/apps/backend/src/services/auth/providers/oauth.provider.ts
similarity index 54%
rename from apps/backend/src/services/auth/providers/authentik.provider.ts
rename to apps/backend/src/services/auth/providers/oauth.provider.ts
index 88f1c1d1..9ce6f278 100644
--- a/apps/backend/src/services/auth/providers/authentik.provider.ts
+++ b/apps/backend/src/services/auth/providers/oauth.provider.ts
@@ -1,36 +1,51 @@
 import { ProvidersInterface } from '@gitroom/backend/services/auth/providers.interface';
 
-export class AuthentikProvider implements ProvidersInterface {
+export class OauthProvider implements ProvidersInterface {
+  private readonly authUrl: string;
   private readonly baseUrl: string;
   private readonly clientId: string;
   private readonly clientSecret: string;
   private readonly frontendUrl: string;
+  private readonly tokenUrl: string;
+  private readonly userInfoUrl: string;
 
   constructor() {
     const {
-      AUTHENTIK_URL,
-      AUTHENTIK_CLIENT_ID,
-      AUTHENTIK_CLIENT_SECRET,
+      POSTIZ_OAUTH_AUTH_URL,
+      POSTIZ_OAUTH_CLIENT_ID,
+      POSTIZ_OAUTH_CLIENT_SECRET,
+      POSTIZ_OAUTH_TOKEN_URL,
+      POSTIZ_OAUTH_URL,
+      POSTIZ_OAUTH_USERINFO_URL,
       FRONTEND_URL,
     } = process.env;
 
-    if (!AUTHENTIK_URL)
-      throw new Error('AUTHENTIK_URL environment variable is not set');
-    if (!AUTHENTIK_CLIENT_ID)
-      throw new Error('AUTHENTIK_CLIENT_ID environment variable is not set');
-    if (!AUTHENTIK_CLIENT_SECRET)
+    if (!POSTIZ_OAUTH_USERINFO_URL)
       throw new Error(
-        'AUTHENTIK_CLIENT_SECRET environment variable is not set'
+        'POSTIZ_OAUTH_USERINFO_URL environment variable is not set'
       );
+    if (!POSTIZ_OAUTH_URL)
+      throw new Error('POSTIZ_OAUTH_URL environment variable is not set');
+    if (!POSTIZ_OAUTH_TOKEN_URL)
+      throw new Error('POSTIZ_OAUTH_TOKEN_URL environment variable is not set');
+    if (!POSTIZ_OAUTH_CLIENT_ID)
+      throw new Error('POSTIZ_OAUTH_CLIENT_ID environment variable is not set');
+    if (!POSTIZ_OAUTH_CLIENT_SECRET)
+      throw new Error(
+        'POSTIZ_OAUTH_CLIENT_SECRET environment variable is not set'
+      );
+    if (!POSTIZ_OAUTH_AUTH_URL)
+      throw new Error('POSTIZ_OAUTH_AUTH_URL environment variable is not set');
     if (!FRONTEND_URL)
       throw new Error('FRONTEND_URL environment variable is not set');
 
-    this.baseUrl = AUTHENTIK_URL.endsWith('/')
-      ? AUTHENTIK_URL.slice(0, -1)
-      : AUTHENTIK_URL;
-    this.clientId = AUTHENTIK_CLIENT_ID;
-    this.clientSecret = AUTHENTIK_CLIENT_SECRET;
+    this.authUrl = POSTIZ_OAUTH_AUTH_URL;
+    this.baseUrl = POSTIZ_OAUTH_URL;
+    this.clientId = POSTIZ_OAUTH_CLIENT_ID;
+    this.clientSecret = POSTIZ_OAUTH_CLIENT_SECRET;
     this.frontendUrl = FRONTEND_URL;
+    this.tokenUrl = POSTIZ_OAUTH_TOKEN_URL;
+    this.userInfoUrl = POSTIZ_OAUTH_USERINFO_URL;
   }
 
   generateLink(): string {
@@ -41,11 +56,11 @@ export class AuthentikProvider implements ProvidersInterface {
       redirect_uri: `${this.frontendUrl}/settings`,
     });
 
-    return `${this.baseUrl}/application/o/authorize/?${params.toString()}`;
+    return `${this.authUrl}/?${params.toString()}`;
   }
 
   async getToken(code: string): Promise<string> {
-    const response = await fetch(`${this.baseUrl}/application/o/token/`, {
+    const response = await fetch(`${this.tokenUrl}/`, {
       method: 'POST',
       headers: {
         'Content-Type': 'application/x-www-form-urlencoded',
@@ -70,7 +85,7 @@ export class AuthentikProvider implements ProvidersInterface {
   }
 
   async getUser(access_token: string): Promise<{ email: string; id: string }> {
-    const response = await fetch(`${this.baseUrl}/application/o/userinfo/`, {
+    const response = await fetch(`${this.userInfoUrl}/`, {
       headers: {
         Authorization: `Bearer ${access_token}`,
         Accept: 'application/json',
diff --git a/apps/backend/src/services/auth/providers/providers.factory.ts b/apps/backend/src/services/auth/providers/providers.factory.ts
index 01bfa483..2815bc3e 100644
--- a/apps/backend/src/services/auth/providers/providers.factory.ts
+++ b/apps/backend/src/services/auth/providers/providers.factory.ts
@@ -4,7 +4,7 @@ import { ProvidersInterface } from '@gitroom/backend/services/auth/providers.int
 import { GoogleProvider } from '@gitroom/backend/services/auth/providers/google.provider';
 import { FarcasterProvider } from '@gitroom/backend/services/auth/providers/farcaster.provider';
 import { WalletProvider } from '@gitroom/backend/services/auth/providers/wallet.provider';
-import { AuthentikProvider } from '@gitroom/backend/services/auth/providers/authentik.provider';
+import { OauthProvider } from '@gitroom/backend/services/auth/providers/oauth.provider';
 
 export class ProvidersFactory {
   static loadProvider(provider: Provider): ProvidersInterface {
@@ -17,8 +17,8 @@ export class ProvidersFactory {
         return new FarcasterProvider();
       case Provider.WALLET:
         return new WalletProvider();
-      case Provider.AUTHENTIK:
-        return new AuthentikProvider();
+      case Provider.GENERIC:
+        return new OauthProvider();
     }
   }
 }
diff --git a/apps/frontend/public/icons/authentik.svg b/apps/frontend/public/icons/authentik.svg
deleted file mode 100644
index c839ddab..00000000
--- a/apps/frontend/public/icons/authentik.svg
+++ /dev/null
@@ -1 +0,0 @@
-<svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1000 526.49"><defs><style>.cls-1{fill:#fd4b2d;}</style></defs><path class="cls-1" d="M90.84,418.79h26.37V523.88H90.84V512.77a52,52,0,0,1-15.48,10.58,43.48,43.48,0,0,1-16.84,3.23q-20.35,0-35.21-15.79T8.45,471.52q0-24.33,14.37-39.89t34.93-15.55a44.43,44.43,0,0,1,17.75,3.57,48.57,48.57,0,0,1,15.34,10.73ZM63.12,440.42a26.62,26.62,0,0,0-20.31,8.65q-8.09,8.64-8.09,22.16T43,493.64a26.67,26.67,0,0,0,20.27,8.79,27.19,27.19,0,0,0,20.6-8.64Q92,485.15,92,471.14q0-13.71-8.18-22.22T63.12,440.42Z"/><path class="cls-1" d="M155.64,418.79H182.3V469.4q0,14.78,2,20.53a18,18,0,0,0,6.54,8.93A18.74,18.74,0,0,0,202,502.05a19.38,19.38,0,0,0,11.18-3.14,18.42,18.42,0,0,0,6.83-9.23q1.64-4.53,1.64-19.41V418.79H248v44.52q0,27.54-4.34,37.67A41.1,41.1,0,0,1,228,520q-10.34,6.62-26.27,6.62-17.29,0-28-7.73t-15-21.54q-3.09-9.56-3.09-34.77Z"/><path class="cls-1" d="M289.51,380.05h26.37v38.74h15.64v22.69H315.88v82.4H289.51v-82.4H276V418.79h13.53Z"/><path class="cls-1" d="M357.59,378.22h26.18v51.19a60,60,0,0,1,15.55-10,40.11,40.11,0,0,1,15.84-3.33,35.7,35.7,0,0,1,26.37,10.82q9.18,9.36,9.18,27.53v69.45h-26V477.8q0-18.26-1.74-24.73c-1.15-4.31-3.14-7.53-5.94-9.65a16.64,16.64,0,0,0-10.38-3.19,19.56,19.56,0,0,0-13.76,5.31q-5.76,5.31-8,14.49-1.15,4.73-1.16,21.64v42.21H357.59Z"/><path class="cls-1" d="M593.36,479H508.65q1.83,11.21,9.8,17.82t20.34,6.62a35.11,35.11,0,0,0,25.4-10.34l22.22,10.44a52.58,52.58,0,0,1-19.9,17.43q-11.6,5.66-27.53,5.65-24.74,0-40.28-15.6t-15.55-39.07q0-24,15.5-39.94t38.88-15.89q24.83,0,40.38,15.89t15.55,42ZM567,458.19a26.5,26.5,0,0,0-10.3-14.29,29.9,29.9,0,0,0-17.86-5.51,31.53,31.53,0,0,0-19.35,6.19q-5.22,3.85-9.67,13.61Z"/><path class="cls-1" d="M626.58,418.79h26.36v10.77q9-7.57,16.26-10.52a39.28,39.28,0,0,1,14.9-3A36.07,36.07,0,0,1,710.62,427q9.17,9.28,9.17,27.44v69.45H693.71v-46q0-18.83-1.69-25a17.08,17.08,0,0,0-5.88-9.41,16.48,16.48,0,0,0-10.36-3.23,19.41,19.41,0,0,0-13.73,5.35q-5.73,5.35-7.95,14.81-1.15,4.92-1.16,21.32v42.17H626.58Z"/><path class="cls-1" d="M760.34,380.05h26.37v38.74h15.65v22.69H786.71v82.4H760.34v-82.4H746.82V418.79h13.52Z"/><path class="cls-1" d="M838.62,375.51a16.14,16.14,0,0,1,11.89,5,16.68,16.68,0,0,1,5,12.17,16.45,16.45,0,0,1-4.91,12,15.92,15.92,0,0,1-11.75,5,16.17,16.17,0,0,1-12-5.08,16.93,16.93,0,0,1-5-12.31,16.8,16.8,0,0,1,16.76-16.81Z"/><rect class="cls-1" x="825.43" y="418.79" width="26.37" height="105.09"/><path class="cls-1" d="M887.82,378.22h26.37v83.89L953,418.79h33.12l-45.27,50.36,50.68,54.73H958.82l-44.63-48.44v48.44H887.82Z"/><rect class="cls-1" x="466.5" y="78.74" width="16.65" height="47.58"/><rect class="cls-1" x="509.81" y="76.74" width="16.65" height="37.21"/><path class="cls-1" d="M267.09,131.08a60.71,60.71,0,0,0-53.36,31.83H242c12.5-10.78,30.66-13.93,43.79,0h29.89C304,147.14,286.47,131.08,267.09,131.08Z"/><path class="cls-1" d="M307.42,191.62c-38.94,81.44-107.21,12-65.47-28.71H213.73c-22.16,38.61,8.46,90.67,53.36,89.49,34.72,0,63.39-51.54,63.39-60.66,0-4-5.6-16.34-14.85-28.83H285.74C295.65,171.9,304.29,185,307.42,191.62Zm1-2.37Z"/><path class="cls-1" d="M682.22,78.16v215a74.83,74.83,0,0,1-74.75,74.74H575.75V294.7H424.25v73.2H392.53a74.83,74.83,0,0,1-74.75-74.74V225.55H558V96.24H442v72.65H317.78V78.16a71.49,71.49,0,0,1,.51-8.58,73.9,73.9,0,0,1,1.84-10.07c.28-1.06.59-2.12.9-3.15a6.08,6.08,0,0,1,.25-.79c.17-.53.33-1,.5-1.53s.37-1,.56-1.54.42-1.15.64-1.71.48-1.11.7-1.67a76.7,76.7,0,0,1,6.79-12.61l.09-.11c.67-1,1.37-2,2.09-2.94.62-.81,1.23-1.59,1.85-2.37s1.48-1.76,2.24-2.6,1.48-1.65,2.26-2.43l.08-.09c.39-.44.81-.84,1.26-1.26a75.74,75.74,0,0,1,8.89-7.43c.84-.62,1.73-1.2,2.63-1.79s2-1.26,3-1.87c2-1.15,4-2.21,6-3.16.65-.31,1.32-.62,2-.89a69.57,69.57,0,0,1,8.75-3.16c1.15-.34,2.29-.65,3.47-.93.55-.14,1.11-.28,1.7-.39a76.61,76.61,0,0,1,10.12-1.48l1.48-.08c.25,0,.48,0,.73,0,1.11-.06,2.26-.08,3.41-.08H607.47c1.15,0,2.3,0,3.41.08.25,0,.48,0,.73,0l1.48.08a76.61,76.61,0,0,1,10.12,1.48c.59.11,1.15.25,1.7.39,1.18.28,2.32.59,3.47.93a69.57,69.57,0,0,1,8.75,3.16c.64.27,1.31.58,2,.89,2.06.95,4,2,6,3.16,1,.61,2,1.23,3,1.87s1.79,1.17,2.63,1.79A74.72,74.72,0,0,1,661,26.06c.78.78,1.54,1.59,2.26,2.43s1.51,1.73,2.24,2.6,1.23,1.56,1.85,2.37c.72,1,1.42,2,2.09,2.94l.09.11a76.7,76.7,0,0,1,6.79,12.61c.22.56.47,1.11.7,1.67s.42,1.12.64,1.71.39,1,.56,1.54.33,1,.5,1.53a6.08,6.08,0,0,1,.25.79c.31,1,.62,2.09.9,3.15a73.9,73.9,0,0,1,1.84,10.07A71.49,71.49,0,0,1,682.22,78.16Z"/><path class="cls-1" d="M669.52,36.51h-339a74.73,74.73,0,0,1,62-33.08h215A74.73,74.73,0,0,1,669.52,36.51Z"/><path class="cls-1" d="M681.74,69.59H318.26a73.92,73.92,0,0,1,12.22-33.08h339A73.92,73.92,0,0,1,681.74,69.59Z"/><path class="cls-1" d="M682.24,78.16v24.51H558V96.24H442v6.43H317.76V78.16a71.5,71.5,0,0,1,.5-8.58H681.74A71.5,71.5,0,0,1,682.24,78.16Z"/><rect class="cls-1" x="317.76" y="102.67" width="124.27" height="33.09"/><rect class="cls-1" x="557.97" y="102.67" width="124.27" height="33.09"/><rect class="cls-1" x="317.76" y="135.77" width="124.27" height="33.07"/><rect class="cls-1" x="557.97" y="135.77" width="124.27" height="33.07"/></svg>
\ No newline at end of file
diff --git a/apps/frontend/public/icons/generic-oauth.svg b/apps/frontend/public/icons/generic-oauth.svg
new file mode 100644
index 00000000..b06d1498
--- /dev/null
+++ b/apps/frontend/public/icons/generic-oauth.svg
@@ -0,0 +1,9 @@
+<?xml version="1.0" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" >
+<!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
+<svg width="800px" height="800px" viewBox="-10 -5 1034 1034" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1">
+   <path fill="#000000"
+d="M504 228q-16 0 -33 1q-33 2 -70 11q-35 9 -60 20q-38 17 -77 44q-44 31 -78 75t-55 96l-5 12q-9 22 -12 33q-13 45 -13 98q0 49 9 93q22 100 82 171q52 62 139 108q48 25 109.5 33.5t124.5 -1t115 -35.5q90 -46 152 -139q31 -46 48 -100q19 -60 19 -124q0 -57 -21 -119
+q-17 -52 -46 -97q-51 -81 -128 -127q-88 -53 -200 -53zM470 418h54q16 0 29 9.5t18 24.5l106 320q7 20 -2.5 38.5t-28.5 24.5q-8 2 -16 2q-16 0 -29 -9t-18 -25l-23 -73h-120l-23 73q-5 15 -18 24.5t-29 9.5q-8 0 -15 -2q-20 -6 -29.5 -24t-3.5 -38l101 -320q5 -16 18 -25.5
+t29 -9.5z" />
+</svg>
\ No newline at end of file
diff --git a/apps/frontend/src/app/layout.tsx b/apps/frontend/src/app/layout.tsx
index b932d3ac..68d46402 100644
--- a/apps/frontend/src/app/layout.tsx
+++ b/apps/frontend/src/app/layout.tsx
@@ -39,7 +39,9 @@ export default async function AppLayout({ children }: { children: ReactNode }) {
           discordUrl={process.env.NEXT_PUBLIC_DISCORD_SUPPORT!}
           frontEndUrl={process.env.FRONTEND_URL!}
           isGeneral={!!process.env.IS_GENERAL}
-          authentikOIDC={!!process.env.AUTHENTIK_OIDC}
+          genericOauth={!!process.env.POSTIZ_GENERIC_OAUTH}
+          oauthLogoUrl={process.env.NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL!}
+          oauthDisplayName={process.env.NEXT_PUBLIC_POSTIZ_OAUTH_DISPLAY_NAME!}
           uploadDirectory={process.env.NEXT_PUBLIC_UPLOAD_STATIC_DIRECTORY!}
           tolt={process.env.NEXT_PUBLIC_TOLT!}
           facebookPixel={process.env.NEXT_PUBLIC_FACEBOOK_PIXEL!}
diff --git a/apps/frontend/src/components/auth/login.tsx b/apps/frontend/src/components/auth/login.tsx
index 9e52e429..00a1ed88 100644
--- a/apps/frontend/src/components/auth/login.tsx
+++ b/apps/frontend/src/components/auth/login.tsx
@@ -9,7 +9,7 @@ import { useMemo, useState } from 'react';
 import { classValidatorResolver } from '@hookform/resolvers/class-validator';
 import { LoginUserDto } from '@gitroom/nestjs-libraries/dtos/auth/login.user.dto';
 import { GithubProvider } from '@gitroom/frontend/components/auth/providers/github.provider';
-import { AuthentikProvider } from '@gitroom/frontend/components/auth/providers/authentik.provider';
+import { OauthProvider } from '@gitroom/frontend/components/auth/providers/oauth.provider';
 import interClass from '@gitroom/react/helpers/inter.font';
 import { GoogleProvider } from '@gitroom/frontend/components/auth/providers/google.provider';
 import { useVariables } from '@gitroom/react/helpers/variable.context';
@@ -25,8 +25,8 @@ type Inputs = {
 
 export function Login() {
   const [loading, setLoading] = useState(false);
-  const { isGeneral, neynarClientId, billingEnabled } = useVariables();
-  const { isGeneral, neynarClientId, authentikOIDC } = useVariables();
+  const { isGeneral, neynarClientId, billingEnabled, genericOauth } =
+    useVariables();
   const resolver = useMemo(() => {
     return classValidatorResolver(LoginUserDto);
   }, []);
@@ -65,8 +65,8 @@ export function Login() {
             Sign In
           </h1>
         </div>
-        {isGeneral && authentikOIDC ? (
-          <AuthentikProvider />
+        {isGeneral && genericOauth ? (
+          <OauthProvider />
         ) : !isGeneral ? (
           <GithubProvider />
         ) : (
diff --git a/apps/frontend/src/components/auth/providers/authentik.provider.tsx b/apps/frontend/src/components/auth/providers/oauth.provider.tsx
similarity index 65%
rename from apps/frontend/src/components/auth/providers/authentik.provider.tsx
rename to apps/frontend/src/components/auth/providers/oauth.provider.tsx
index 985825ad..69b15210 100644
--- a/apps/frontend/src/components/auth/providers/authentik.provider.tsx
+++ b/apps/frontend/src/components/auth/providers/oauth.provider.tsx
@@ -2,13 +2,15 @@ import { useCallback } from 'react';
 import Image from 'next/image';
 import { useFetch } from '@gitroom/helpers/utils/custom.fetch';
 import interClass from '@gitroom/react/helpers/inter.font';
+import { useVariables } from '@gitroom/react/helpers/variable.context';
 
-export const AuthentikProvider = () => {
+export const OauthProvider = () => {
   const fetch = useFetch();
+  const { oauthLogoUrl, oauthDisplayName } = useVariables();
 
   const gotoLogin = useCallback(async () => {
     try {
-      const response = await fetch('/auth/oauth/AUTHENTIK');
+      const response = await fetch('/auth/oauth/GENERIC');
       if (!response.ok) {
         throw new Error(
           `Login link request failed with status ${response.status}`
@@ -17,7 +19,7 @@ export const AuthentikProvider = () => {
       const link = await response.text();
       window.location.href = link;
     } catch (error) {
-      console.error('Failed to get Authentik login link:', error);
+      console.error('Failed to get generic oauth login link:', error);
     }
   }, []);
 
@@ -28,13 +30,13 @@ export const AuthentikProvider = () => {
     >
       <div>
         <Image
-          src="/icons/authentik.svg"
-          alt="Authentik"
+          src={oauthLogoUrl || '/icons/generic-oauth.svg'}
+          alt="genericOauth"
           width={40}
           height={40}
         />
       </div>
-      <div>Sign in with Authentik </div>
+      <div>Sign in with {oauthDisplayName || 'OAuth'}</div>
     </div>
   );
 };
diff --git a/apps/frontend/src/middleware.ts b/apps/frontend/src/middleware.ts
index 01aae290..a7f7076d 100644
--- a/apps/frontend/src/middleware.ts
+++ b/apps/frontend/src/middleware.ts
@@ -44,8 +44,8 @@ export async function middleware(request: NextRequest) {
       ? ''
       : (url.indexOf('?') > -1 ? '&' : '?') +
         `provider=${(findIndex === 'settings'
-          ? process.env.AUTHENTIK_OIDC
-            ? 'authentik'
+          ? process.env.POSTIZ_GENERIC_OAUTH
+            ? 'generic'
             : 'github'
           : findIndex
         ).toUpperCase()}`;
diff --git a/libraries/nestjs-libraries/src/database/prisma/schema.prisma b/libraries/nestjs-libraries/src/database/prisma/schema.prisma
index ae7fe520..3b5efbcf 100644
--- a/libraries/nestjs-libraries/src/database/prisma/schema.prisma
+++ b/libraries/nestjs-libraries/src/database/prisma/schema.prisma
@@ -636,7 +636,7 @@ enum Provider {
   GOOGLE
   FARCASTER
   WALLET
-  AUTHENTIK
+  GENERIC
 }
 
 enum Role {
diff --git a/libraries/react-shared-libraries/src/helpers/variable.context.tsx b/libraries/react-shared-libraries/src/helpers/variable.context.tsx
index bf2ae9a3..a6716c2e 100644
--- a/libraries/react-shared-libraries/src/helpers/variable.context.tsx
+++ b/libraries/react-shared-libraries/src/helpers/variable.context.tsx
@@ -5,7 +5,9 @@ import { createContext, FC, ReactNode, useContext, useEffect } from 'react';
 interface VariableContextInterface {
   billingEnabled: boolean;
   isGeneral: boolean;
-  authentikOIDC: boolean;
+  genericOauth: boolean;
+  oauthLogoUrl: string;
+  oauthDisplayName: string;
   frontEndUrl: string;
   plontoKey: string;
   storageProvider: 'local' | 'cloudflare';
@@ -21,7 +23,9 @@ interface VariableContextInterface {
 const VariableContext = createContext({
   billingEnabled: false,
   isGeneral: true,
-  authentikOIDC: false,
+  genericOauth: false,
+  oauthLogoUrl: '',
+  oauthDisplayName: '',
   frontEndUrl: '',
   storageProvider: 'local',
   plontoKey: '',