Feat: OIDC UI bridge, Microsoft SSO,, and schema session flaws

- OAuth Callback to Use Gatehouse UI to login instead of Backend Served dull ui
- Setup Autoregister of user + org, on oauth
- Microsoft Oauth Support
- OIDCRefreshToken.access_token_id  had a narrow Column increased to VAR(255) and remove FK to sessions.id which had no use
- client_id and client.id mismatch ,backup-code consumption

config/base.py

@@ -113,3 +113,6 @@ class BaseConfig:
     WEBAUTHN_RP_ID = os.getenv("WEBAUTHN_RP_ID", "localhost")
     WEBAUTHN_RP_NAME = os.getenv("WEBAUTHN_RP_NAME", "Gatehouse")
     WEBAUTHN_ORIGIN = os.getenv("WEBAUTHN_ORIGIN", "https://ui.webauthn.local")
+
+    # Frontend URL (for OAuth callback redirects)
+    FRONTEND_URL = os.getenv("FRONTEND_URL", "http://localhost:8080")

config/development.py

@@ -16,3 +16,12 @@ class DevelopmentConfig(BaseConfig):
 
     # Reduced bcrypt rounds for faster dev cycles
     BCRYPT_LOG_ROUNDS = 4
+
+    # Gatehouse React UI URL — OIDC authorize redirects here instead of showing raw HTML
+    OIDC_UI_URL = os.getenv("OIDC_UI_URL", "http://localhost:8080")
+
+    # Add localhost:8080 (React UI) to CORS allowed origins for OIDC bridge endpoints
+    CORS_ORIGINS = os.getenv(
+        "CORS_ORIGINS",
+        "http://localhost:8080,http://localhost:3000,http://localhost:5173,https://ui.webauthn.local"
+    ).split(",")