From 2eb2ceaea74f48f5a03eae9231f506332088996a Mon Sep 17 00:00:00 2001
From: Martin Wallgren
Date: Wed, 19 Apr 2023 13:33:11 +0200
Subject: [PATCH 1/2] Allow adding fields from user info This change makes it possible to extract extra fields form user info to the generated token. For example, to have `upn` from the Azure token be added to the final JWT, we can add the below to the oauth config section. extract upn from userinfo
---
 pkg/idp/oauth/validator.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/pkg/idp/oauth/validator.go b/pkg/idp/oauth/validator.go
index 42df3f6..4c4fbd0 100644
--- a/pkg/idp/oauth/validator.go
+++ b/pkg/idp/oauth/validator.go
@@ -19,6 +19,7 @@ import (
 jwtlib "github.com/golang-jwt/jwt/v4"
 "github.com/greenpau/go-authcrunch/pkg/errors"
 "github.com/greenpau/go-authcrunch/pkg/kms"
+ "go.uber.org/zap"
 "strings"
 )
@@ -96,8 +97,14 @@ func (b *IdentityProvider) validateAccessToken(state string, data map[string]int
 return nil, errors.ErrIdentityProviderOAuthEmailNotFound.WithArgs(b.config.IdentityTokenName)
 }
 }
-
 m := make(map[string]interface{})
+ for k, v := range claims {
+ if _, exists := b.userInfoFields[k]; exists {
+ b.logger.Debug("Add user info field.", zap.String(k, fmt.Sprintf("%v", v)))
+ m[k] = v
+ }
+ }
+
 for _, k := range tokenFields {
 if _, exists := claims[k]; !exists {
 continue
From d8ca2d66de543c6d77a7fc26df329c892a487178 Mon Sep 17 00:00:00 2001
From: Martin Wallgren
Date: Wed, 19 Apr 2023 13:51:11 +0200
Subject: [PATCH 2/2] Consent to individual CLA
---
 assets/cla/consent.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/assets/cla/consent.yaml b/assets/cla/consent.yaml
index 4e5edfe..bf8c8a6 100644
--- a/assets/cla/consent.yaml
+++ b/assets/cla/consent.yaml
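Review bot: The debug call inside the new `for k, v := range claims` loop in validator.go writes every copied claim value to the log through `zap.String(k, fmt.Sprintf("%v", v))`, so identity attributes such as the `upn` named in the commit message end up in debug output. Logging only the field name would be enough, e.g. `b.logger.Debug("Add user info field.", zap.String("field", k))`. The same loop copies `v` into `m` with no type check and no exclusion of registered claim names, so a `userInfoFields` entry like `sub` or `exp` would take its value directly from `claims`. Whether the `tokenFields` loop that follows overwrites such keys cannot be seen here, because the body of validateAccessToken starts and ends outside the hunk. It may be worth rejecting registered claim names where `userInfoFields` is populated, and adding a comment above the loop stating that the configured extra fields are copied before the standard token fields are mapped.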
@@ -30,4 +30,6 @@
 - name: Sergiu Cozma
 email: sergiucozma1994@gmail.com
 - name: Riccardo Piola
- email: riccardopiola@live.it
\ No newline at end of file
+ email: riccardopiola@live.it
+- name: Martin Wallgren
+ email: martin@wallgren.it