3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-29 10:26:29 +02:00
Code Issues Projects Releases Packages Wiki Activity

oidc: use groups claim from ID token if present (#1970)

Browse source 
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
This commit is contained in:
Nándor István Krácser 2021-03-22 18:46:01 +01:00 committed by GitHub
parent b36c074a33
commit 45fb938317
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
authorize/evaluator/opa/policy/authz.rego
View file

@ -210,6 +210,10 @@ jwt_payload_email = v {
jwt_payload_groups = v {
v = array.concat(group_ids, get_databroker_group_names(group_ids))
v != []
} else = v {
v = session.claims["groups"]
v != null
} else = [] {
true
}