Add support for a list of groups represented as maps in OAuth. #23
Conversation
There are cases when groups are represented as a list
of maps, not strings e.g. "groups":[{"id":"1",
"name":"gr1"},{"id": "2", "name":"gr2"}]. Handle groups
represented as a list of maps.
concourse#23
Signed-off-by: Vlad Safronov <[email protected]>
vladsf
force-pushed
the
fix_oauth_groups
branch
from
f9399ce to
57037a4
Compare
Signed-off-by: Vlad Safronov <[email protected]>
|
Hi @clarafu, would you please review the contribution? |
|
@vladsf Sorry for the delay, it looks good to me but I'm just going to quickly have @xtremerui confirm that this is okay for me since he has a lot more context on dex than myself! |
Thank you @clarafu. I am using Oracle Identity Cloud Service as oauth provider. I see. I have not tested OIDC yet, but I hope to try it in a few days. Did you consider submitting this OAuth connector to the upstream? |
Already did it a long time ago, however it is still pending there for some reason. dexidp#1630 |
@clarafu I tried and failed. skipIssuerValidation and InsecureIssuerURLContext are not supported in the mainstream OIDC connector. So it fails with |
There are cases when groups are represented as a list
of maps, not strings e.g. "groups":[{"id":"1",
"name":"gr1"},{"id": "2", "name":"gr2"}]. Handle groups
represented as a list of maps.
#23
Signed-off-by: Vlad Safronov <[email protected]>
There are cases when groups are represented as a list
of maps, not strings e.g. "groups":[{"id":"1",
"name":"gr1"},{"id": "2", "name":"gr2"}]. Handle groups
represented as a list of maps.
#23
Signed-off-by: Vlad Safronov <[email protected]>
There are cases when groups are represented as a list
of maps, not strings e.g. "groups":[{"id":"1",
"name":"gr1"},{"id": "2", "name":"gr2"}]. Handle groups
represented as a list of maps.
#23
Signed-off-by: Vlad Safronov <[email protected]>
There are cases when groups are represented as a list
of maps, not strings e.g. "groups":[{"id":"1",
"name":"gr1"},{"id": "2", "name":"gr2"}]. Handle groups
represented as a list of maps.
concourse#23
Signed-off-by: Vlad Safronov <[email protected]>
There are cases when groups are represented as a list
of maps, not strings e.g. "groups":[{"id":"1",
"name":"gr1"},{"id": "2", "name":"gr2"}]. Handle groups
represented as a list of maps.
concourse#23
Signed-off-by: Vlad Safronov <[email protected]>
There are cases when groups are represented as a list
of maps, not strings e.g. "groups":[{"id":"1",
"name":"gr1"},{"id": "2", "name":"gr2"}]. Handle groups
represented as a list of maps.
concourse#23
Signed-off-by: Vlad Safronov <[email protected]>
Hi,
Overview
I read about DCO, etc. I am not familiar with Golang yet, so I have created a draft PR to discuss
the problem which the fix outlines and possibly? solves before investing more time.
What this PR does / why we need it
OAuth supports providing user groups in userinfo token. Yet there are cases when groups are represented
as a list of maps, not strings e.g. "groups":[{"id":"1", "name":"gr1"},{"id": "2", "name":"gr2"}]. Current code
does not support that and ignores groups information.
Does this PR introduce a user-facing change?