feat(w2): auth core entities + Google OAuth + JWT + NextAuth bridge
Extracted from InspectFlow Sprint 14.1-14.2, repackaged to de.platesoft.auth.*:
- Entities: User, UserIdentity, Membership, Invitation, AccessRequest, LoginEvent, RefreshToken
- Enums: Role, OrgType, MembershipRole, MembershipStatus, InvitationStatus, AccessRequestStatus, LoginProvider
- Services: JwtService, ExchangeService, MembershipService, LoginEventService
- Filter: JwtAuthenticationFilter
- Controller: OAuthController (POST /api/auth/exchange)
- Config: PlateAuthAutoConfiguration, PlateAuthProperties (plate.auth.* namespace)
- Repositories: all auth-related JPA repositories
- SPI: OrgValidator, OrgDisplayNameResolver, InvitationMailer, AccessRequestMailer, OnboardingHook
- SPI defaults: PermissiveOrgValidator (WARN per call), LoggingInvitationMailer,
LoggingAccessRequestMailer, DefaultOrgDisplayNameResolver, NoOpOnboardingHook
- DTOs: ExchangePayload, TokenResponse
- Security: BCrypt encoder, stateless session, CORS from PlateAuthProperties
- META-INF/spring AutoConfiguration.imports registered
All @Value refs replaced with PlateAuthProperties injection.
No references to de.platesoft.inspectflow.* remain.
Patrick Plate
63c953d9b9