azure: use OID for user id in session (#985)

Caleb Doxsey 2020-06-23 12:02:17 -06:00 committed by GitHub
parent 17ba595ced
commit 0d277cf662
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 14 additions and 4 deletions


@ -7,6 +7,8 @@ import (
"time"
"gopkg.in/square/go-jose.v2/jwt"
"github.com/pomerium/pomerium/internal/grpc/databroker"
)
// ErrMissingID is the error for a session state that has no ID set.
@ -27,6 +29,9 @@ type State struct {
ID string `json:"jti,omitempty"`
Version string `json:"ver,omitempty"`
// Azure returns OID which should be used instead of subject.
OID string `json:"oid,omitempty"`
// Impersonate-able fields
ImpersonateEmail string `json:"impersonate_email,omitempty"`
ImpersonateGroups []string `json:"impersonate_groups,omitempty"`
@ -57,6 +62,14 @@ func (s *State) Impersonating() bool {
return s.ImpersonateEmail != "" || len(s.ImpersonateGroups) != 0
}
// UserID returns the corresponding user ID for a session.
func (s *State) UserID(provider string) string {
if s.OID != "" {
return databroker.GetUserID(provider, s.OID)
}
return databroker.GetUserID(provider, s.Subject)
}
// SetImpersonation sets impersonation user and groups.
func (s *State) SetImpersonation(email, groups string) {
s.ImpersonateEmail = email
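Review bot: UserID prefers OID whenever it is non-empty and never checks which provider issued the session, even though `provider` is passed in and the field comment describes the claim as Azure-specific. State appears to be decoded from token claims (the `json:"oid,omitempty"` tag), so a session from another identity provider whose token happens to carry an `oid` claim would be keyed on that value instead of the subject, and that provider makes no promise that the claim is unique or stable. Consider gating the branch, for example `if provider == azureProviderName && s.OID != "" {` (the constant name is a placeholder for however the Azure provider is named in this codebase), and state the precedence in the doc comment: `// UserID returns the user ID for a session; for Azure the OID claim takes precedence over the subject.` UserID is fully visible in the hunk, while SetImpersonation's body continues outside it.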