Add groups scope/claim to OIDC/OAuth2 Provider (#17367)

* Add groups scope/claim to OIDC/OAuth2

Add support for groups claim as part of the OIDC/OAuth2 flow.
Groups is a list of "org" and "org:team" strings to allow clients to
authorize based on the groups a user is part of.

Signed-off-by: Nico Schieder <code@nico-schieder.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Nico Schieder 2021-10-22 11:19:24 +02:00 committed by GitHub
parent af96286f22
commit 870f5fbc41
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 57 additions and 7 deletions

@ -83,6 +83,9 @@ type OIDCToken struct {
// Scope email
Email string `json:"email,omitempty"`
EmailVerified bool `json:"email_verified,omitempty"`
// Groups are generated by organization and team names
Groups []string `json:"groups,omitempty"`
}
// SignToken signs an id_token with the (symmetric) client secret key
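Review bot: The comment on the new `Groups` field does not name the scope that gates the claim or the format of its values, unlike the `// Scope email` comment directly above it. Relying parties will make authorization decisions on these strings, and the claim discloses organization and team membership, so the struct should say so explicitly, for example `// Scope groups: "org" and "org:team" entries for the user's organizations and teams`. Also note that with `json:"groups,omitempty"` a nil slice and an empty slice are both dropped from the token, so a client cannot tell "groups scope not granted" apart from "user belongs to no groups"; if that distinction matters to consumers, it should be documented here or the tag reconsidered.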