add management oidc configuration for proxies

management/server/idp/embedded.go

@@ -18,6 +18,7 @@ import (
 const (
 	staticClientDashboard  = "netbird-dashboard"
 	staticClientCLI        = "netbird-cli"
+	staticClientProxy      = "netbird-proxy"
 	defaultCLIRedirectURL1 = "http://localhost:53000/"
 	defaultCLIRedirectURL2 = "http://localhost:54000/"
 	defaultScopes          = "openid profile email groups"
@@ -37,8 +38,10 @@ type EmbeddedIdPConfig struct {
 	Storage EmbeddedStorageConfig
 	// DashboardRedirectURIs are the OAuth2 redirect URIs for the dashboard client
 	DashboardRedirectURIs []string
-	// DashboardRedirectURIs are the OAuth2 redirect URIs for the dashboard client
+	// CLIRedirectURIs are the OAuth2 redirect URIs for the CLI client
 	CLIRedirectURIs []string
+	// ProxyRedirectURIs are the OAuth2 redirect URIs for the Proxy client
+	ProxyRedirectURIs []string
 	// Owner is the initial owner/admin user (optional, can be nil)
 	Owner *OwnerConfig
 	// SignKeyRefreshEnabled enables automatic key rotation for signing keys
@@ -119,6 +122,12 @@ func (c *EmbeddedIdPConfig) ToYAMLConfig() (*dex.YAMLConfig, error) {
 				Public:       true,
 				RedirectURIs: cliRedirectURIs,
 			},
+			{
+				ID:           staticClientProxy,
+				Name:         "NetBird Proxy",
+				Public:       true,
+				RedirectURIs: c.ProxyRedirectURIs,
+			},
 		},
 	}
 
@@ -546,7 +555,7 @@ func (m *EmbeddedIdPManager) GetLocalKeysLocation() string {
 
 // GetClientIDs returns the OAuth2 client IDs configured for this provider.
 func (m *EmbeddedIdPManager) GetClientIDs() []string {
-	return []string{staticClientDashboard, staticClientCLI}
+	return []string{staticClientDashboard, staticClientCLI, staticClientProxy}
 }
 
 // GetUserIDClaim returns the JWT claim name used for user identification.