oidc support for openprject login

apps/openproject/values.yaml

@@ -46,3 +46,26 @@ openproject:
   # 5. Memcached
   memcached:
     enabled: true
+
+  # OIDC Authentik Provider
+  oidc:
+    enabled: true
+    provider: "openproject"
+    displayName: "Authentik"
+    host: "https://auth.apps.k3s.stabify.de"
+    authorizationEndpoint: "https://auth.apps.k3s.stabify.de/application/o/authorize/"
+    tokenEndpoint: "https://auth.apps.k3s.stabify.de/application/o/token/"
+    userinfoEndpoint: "https://auth.apps.k3s.stabify.de/application/o/userinfo/"
+    endSessionEndpoint: "https://auth.apps.k3s.stabify.de/application/o/openproject/end-session/"
+    scope: "[openid]"
+
+    # Optional attribute mappings from the id token
+    attribute_map: {}
+
+    ## To avoid having sensitive credentials in your values.yaml, the preferred way is to
+    ## use an existing secret containing the OIDC compatible access credentials.
+    ## Specify the name of this existing secret here.
+    existingSecret:
+    secretKeys:
+      identifier: "clientId"
+      secret: "clientSecret"