[auth_oidc] Self-registration of users

[madduck]

Is your feature request related to a problem?

At the moment, to onboard a new user, the following steps are required:

1. Creation of user in the OIDC provider
2. Creation of equivalent user in Odoo, which sends them an email invitation
3. The user must accept the invitation
4. … and log in using SSO.

This is cumbersome and error-prone.

Describe the solution you'd like

When a user uses OIDC to log in to Odoo, and there is no corresponding user account, an Odoo user should be created on the fly, using data from the OIDC claims.

Ideally, I would be able to limit this "self-registration" to certain claim values, i.e. only allow users with email addresses matching e.g. *@example.org.

Additional context

WikiJS does this exceptionally well:

[github-actions[bot]]

There hasn't been any activity on this issue in the past 6 months, so it has been marked as stale and it will be closed automatically if no further activity occurs in the next 30 days. If you want this issue to never become stale, please ask a PSC member to apply the "no stale" label.

[madduck]

There having been no activity does not mean that the issue is addressed. It just means nobody has done anything yet…