-
- Downloads
Feature/configurable userid claim minimal (#499)
* Add -user-id-claim to support other claims than email Fix #431 - This is a minimal change to allow the user to configure which claim is the source of the "user ID". - Add the option `user-id-claim` (defaults to email) - OIDC extracts this claim into session.Email (to be renamed later) - providers: add `CreateSessionStateFromBearerToken` with a default impl taken from `GetJwtSession` and overridden by oidc to respect `user-id-claim` Once #466 is merged, I can continue to rename SessionState.Email to .UserID and add HTTP headers with a corresponding name. * Apply suggestions from code review Co-Authored-By:Joel Speed <Joel.speed@hotmail.co.uk> * Review feedback: Don't extract claims manually Instead, parse them twice - it might be sligtly slower but less bug-prone as the code evolves. * Fix indentation Co-authored-by:
Joel Speed <Joel.speed@hotmail.co.uk>
Showing
- CHANGELOG.md 1 addition, 0 deletionsCHANGELOG.md
- docs/configuration/configuration.md 1 addition, 0 deletionsdocs/configuration/configuration.md
- main.go 2 additions, 0 deletionsmain.go
- oauthproxy.go 2 additions, 30 deletionsoauthproxy.go
- options.go 3 additions, 0 deletionsoptions.go
- providers/oidc.go 74 additions, 23 deletionsproviders/oidc.go
- providers/oidc_test.go 23 additions, 0 deletionsproviders/oidc_test.go
- providers/provider_default.go 36 additions, 0 deletionsproviders/provider_default.go
- providers/providers.go 2 additions, 0 deletionsproviders/providers.go
Loading
Please register or sign in to comment