Feat: implement OIDC flow

[NishchayRajput]

Description

This pull request adds work-in-progress OIDC login support for harbor-cli together with the Harbor Core changes needed to support that flow.

Current implementation allows harbor-cli to start an OIDC login through Harbor Core, return a browser login URL, poll Harbor Core for completion using OIDC state, store the returned credential locally, and use bearer authentication for later API requests.

This change is needed because Harbor currently supports browser-based OIDC login, but harbor-cli does not yet have a native OIDC login flow. The current implementation is still being actively worked on and is not final yet.

• Fixes [feature]: Harbor CLI OIDC auth (LFX Term-2, June-Augut 2026) #1006

Type of Change

Please select the relevant type.

• Bug fix
• New feature
• Refactor
• Documentation update
• Chore / maintenance

Changes

• added harbor login <server> --oidc
• added OIDC login initiation helper against:
  • GET /c/oidc/login?mode=cli
• added OIDC polling helper against:
  • GET /c/oidc/cli-token?state=...
• added local OIDC credential storage support:
  • auth-type
  • id-token
  • refresh-token
  • expires-at
• added bearer-token client path for OIDC credentials
• updated tests for the state-based polling contract

Flow Diagram

Video

Screencast.from.21-06-26.04.07.57.PM.IST.webm

[NishchayRajput]

@bupd Please have look at the idea. We may also required changes on harbore-core using existing oidc flow still required still needed few changes like polling state to get the id_token and other details. It's not completed yet but wanted you to have a look and design level decisions.

PS: ignore lint for now :)

[codecov]

Codecov Report

❌ Patch coverage is 39.39394% with 120 lines in your changes missing coverage. Please review.
✅ Project coverage is 9.62%. Comparing base (60ad0bd) to head (5e780fa).
⚠️ Report is 187 commits behind head on main.

Files with missing lines	Patch %	Lines
pkg/utils/oidc.go	46.23%	33 Missing and 17 partials ⚠️
pkg/utils/config.go	35.08%	29 Missing and 8 partials ⚠️
pkg/utils/client.go	0.00%	20 Missing and 1 partial ⚠️
cmd/harbor/root/login.go	55.55%	6 Missing and 6 partials ⚠️

Additional details and impacted files

@@            Coverage Diff            @@
##             main   #1007      +/-   ##
=========================================
- Coverage   10.99%   9.62%   -1.37%     
=========================================
  Files         173     322     +149     
  Lines        8671   16280    +7609     
=========================================
+ Hits          953    1567     +614     
- Misses       7612   14542    +6930     
- Partials      106     171      +65     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[NishchayRajput]

Suggestion:

• We can use URL shortener or copy support for the link in the terminal itself.
• Also should display the QR code for the url incase user can scan via phone.

Please let me know if you have more suggestion.