go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-06-06 23:46:28 +02:00
Code Issues Releases Activity

Add groups to session too when creating session from token

Browse Source
This commit is contained in:
Adrian Aneci 2022-03-07 18:54:24 +02:00
parent 45ef848b0a
commit a392cc1098
2 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -8,6 +8,7 @@
## Changes since v7.2.1 ## Changes since v7.2.1
- [#1583](https://github.com/oauth2-proxy/oauth2-proxy/pull/1583) Add groups to session too when creating session from bearer token (@adriananeci)
- [#1418](https://github.com/oauth2-proxy/oauth2-proxy/pull/1418) Support for passing arbitrary query parameters through from `/oauth2/start` to the identity provider's login URL. Configuration settings control which parameters are passed by default and precisely which values can be overridden per-request (@ianroberts) - [#1418](https://github.com/oauth2-proxy/oauth2-proxy/pull/1418) Support for passing arbitrary query parameters through from `/oauth2/start` to the identity provider's login URL. Configuration settings control which parameters are passed by default and precisely which values can be overridden per-request (@ianroberts)
- [#1559](https://github.com/oauth2-proxy/oauth2-proxy/pull/1559) Introduce ProviderVerifier to clean up OIDC discovery code (@JoelSpeed) - [#1559](https://github.com/oauth2-proxy/oauth2-proxy/pull/1559) Introduce ProviderVerifier to clean up OIDC discovery code (@JoelSpeed)
- [#1561](https://github.com/oauth2-proxy/oauth2-proxy/pull/1561) Add ppc64le support (@mgiessing) - [#1561](https://github.com/oauth2-proxy/oauth2-proxy/pull/1561) Add ppc64le support (@mgiessing)

2
pkg/apis/middleware/session.go
View File

@ -24,6 +24,7 @@ func CreateTokenToSessionFunc(verify VerifyFunc) TokenToSessionFunc {
Email string `json:"email"` Email string `json:"email"`
Verified *bool `json:"email_verified"` Verified *bool `json:"email_verified"`
PreferredUsername string `json:"preferred_username"` PreferredUsername string `json:"preferred_username"`
Groups []string `json:"groups"`
} }
idToken, err := verify(ctx, token) idToken, err := verify(ctx, token)
@ -46,6 +47,7 @@ func CreateTokenToSessionFunc(verify VerifyFunc) TokenToSessionFunc {
newSession := &sessionsapi.SessionState{ newSession := &sessionsapi.SessionState{
Email: claims.Email, Email: claims.Email,
User: claims.Subject, User: claims.Subject,
Groups: claims.Groups,
PreferredUsername: claims.PreferredUsername, PreferredUsername: claims.PreferredUsername,
AccessToken: token, AccessToken: token,
IDToken: token, IDToken: token,