feat: Add user profile selector feature for client configuration

[jkroepke]

What this PR does / why we need it

Which issue this PR fixes

(optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #

• fixes Feature Request: Support array-based token-claims (e.g. groups) for client-specific configuration #690

Special notes for your reviewer

Particularly user-facing changes

Checklist

Complete these before marking the PR as ready to review:

• DCO signed
• The PR title has a summary of the changes
• The PR body has a summary to reflect any significant (and particularly user-facing) changes introduced by this PR

[codecov]

Codecov Report

❌ Patch coverage is 85.32110% with 32 lines in your changes missing coverage. Please review.
✅ Project coverage is 84.31%. Comparing base (7892704) to head (67d01e2).
⚠️ Report is 3 commits behind head on main.

Files with missing lines	Patch %	Lines
internal/oauth2/handler.go	79.33%	21 Missing and 10 partials ⚠️
internal/oauth2/providers/github/oidc.go	50.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #707      +/-   ##
==========================================
- Coverage   84.54%   84.31%   -0.23%     
==========================================
  Files          58       59       +1     
  Lines        3442     3602     +160     
==========================================
+ Hits         2910     3037     +127     
- Misses        371      393      +22     
- Partials      161      172      +11     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Copilot]

Pull request overview

This PR adds a user profile selector feature that allows users to choose their OpenVPN client configuration profile after OAuth2 authentication. The feature enables administrators to present multiple configuration profiles (from static values or token claims) and let users select one, which is then used to look up the configuration file in the Client Configuration Directory (CCD).

Changes:

• Added profile selection UI with internationalization support for multiple languages
• Refactored state management to move timestamp handling from State struct to encryption layer
• Added new OAuth2 handler endpoint for profile submission with token-based validation
• Extended configuration options to support static profile values and user selector settings

Reviewed changes

Copilot reviewed 24 out of 24 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
internal/ui/index.gohtml	Added profile selector form with hidden token field and submit buttons
internal/ui/assets/style.css	Added CSS styling for profile buttons with responsive design and accessibility support
internal/ui/assets/i18n/*.json	Added translations for profile selector UI in Ukrainian, Dutch, Armenian, French, and German
internal/state/state.go	Removed Issued field from State struct, moved timestamp to encryption layer
internal/state/encrypt.go	New file implementing Encrypt/Decrypt functions with timestamp prepending
internal/state/state_test.go	Updated tests to reflect new state format without Issued field
internal/oauth2/handler.go	Added profile selector logic, new endpoint handler, and helper functions
internal/oauth2/handler_test.go	Added comprehensive tests for profile selector scenarios
internal/oauth2/types.go	Added clientConfigToken struct for profile selection
internal/openvpn/callbacks.go	Improved client config logging with better conditional handling
internal/oauth2/providers/github/oidc.go	Refactored to use centralized error handling
internal/httphandler/handler.go	Registered new POST endpoint for profile submission
internal/config/types.go	Added profile selector configuration structs and reordered fields
internal/config/flags.go	Added command-line flags for profile selector configuration
internal/config/defaults.go	Set default values for profile selector settings
internal/config/config_test.go	Added test cases for profile selector configuration
docs/Configuration.md	Added documentation for new configuration options
Makefile	Added new go-field-alignment tool to fmt target

Comments suppressed due to low confidence (1)

internal/state/state.go:69

• The comment documenting the field order in Encode() still references "Issued" as the last field, but the Issued field has been removed from the State struct and the encoding logic. This comment should be updated to remove "Issued" from the field list.

//	CID KID AuthFailedReasonFile AuthControlFile SessionID UsernameIsDefined CommonName IPAddr IPPort SessionState Issued

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[jkroepke]

@copilot open a new pull request to apply changes based on the comments in this thread

[Copilot]

@jkroepke I've opened a new pull request, #721, to work on those changes. Once the pull request is ready, I'll request review from you.