docs: additional notes about available claims for HeaderValue (#2674)

* docs: additional notes on HeaderValue * docs: add code comments * fix missing preferred_username * regenerate docs * add changelog entry --------- Co-authored-by: afsu <saf@zjuici.com> Co-authored-by: Jan Larwig <jan@larwig.com>
2025-04-23 12:18:50 +02:00 · 2024-07-19 04:31:19 +08:00 · 2024-07-19 04:31:19 +08:00 · 211c605875
commit 211c605875
parent a22668eb8c
3 changed files with 5 additions and 3 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -11,6 +11,7 @@
 - [#2539](https://github.com/oauth2-proxy/oauth2-proxy/pull/2539) pkg/http: Fix leaky test (@isodude)
 - [#4917](https://github.com/oauth2-proxy/oauth2-proxy/pull/4917) Upgraded all modules to the latest version (@pierluigilenoci)
 - [#2570](https://github.com/oauth2-proxy/oauth2-proxy/pull/2570) Set default user agent to oauth2-proxy/$version (from default Golang one)
+- [#2674](https://github.com/oauth2-proxy/oauth2-proxy/pull/2674) docs: additional notes about available claims for HeaderValue (@vegetablest)

 # V7.6.0

--- a/docs/docs/configuration/alpha_config.md
+++ b/docs/docs/configuration/alpha_config.md
@ -200,7 +200,7 @@ ClaimSource allows loading a header value from a claim within the session

 | Field | Type | Description |
 | ----- | ---- | ----------- |
-| `claim` | _string_ | Claim is the name of the claim in the session that the value should be<br/>loaded from. |
+| `claim` | _string_ | Claim is the name of the claim in the session that the value should be<br/>loaded from. Available claims: `access_token` `id_token` `created_at`<br/>`expires_on` `refresh_token` `email` `user` `groups` `preferred_username`. |
 | `prefix` | _string_ | Prefix is an optional prefix that will be prepended to the value of the<br/>claim if it is non-empty. |
 | `basicAuthPassword` | _[SecretSource](#secretsource)_ | BasicAuthPassword converts this claim into a basic auth header.<br/>Note the value of claim will become the basic auth username and the<br/>basicAuthPassword will be used as the password value. |

@ -278,7 +278,7 @@ make up the header value
 | `value` | _[]byte_ | Value expects a base64 encoded string value. |
 | `fromEnv` | _string_ | FromEnv expects the name of an environment variable. |
 | `fromFile` | _string_ | FromFile expects a path to a file containing the secret value. |
-| `claim` | _string_ | Claim is the name of the claim in the session that the value should be<br/>loaded from. |
+| `claim` | _string_ | Claim is the name of the claim in the session that the value should be<br/>loaded from. Available claims: `access_token` `id_token` `created_at`<br/>`expires_on` `refresh_token` `email` `user` `groups` `preferred_username`. |
 | `prefix` | _string_ | Prefix is an optional prefix that will be prepended to the value of the<br/>claim if it is non-empty. |
 | `basicAuthPassword` | _[SecretSource](#secretsource)_ | BasicAuthPassword converts this claim into a basic auth header.<br/>Note the value of claim will become the basic auth username and the<br/>basicAuthPassword will be used as the password value. |

--- a/pkg/apis/options/header.go
+++ b/pkg/apis/options/header.go
@ -30,7 +30,8 @@ type HeaderValue struct {
 // ClaimSource allows loading a header value from a claim within the session
 type ClaimSource struct {
 	// Claim is the name of the claim in the session that the value should be
-	// loaded from.
+	// loaded from. Available claims: `access_token` `id_token` `created_at`
+	// `expires_on` `refresh_token` `email` `user` `groups` `preferred_username`.
 	Claim string `json:"claim,omitempty"`

 	// Prefix is an optional prefix that will be prepended to the value of the