k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity

Reduced OpenShift scopes and enhanced documentation

Browse Source
This commit is contained in:
Andrew Block
2019-12-26 03:14:20 -06:00
parent 5afa02644a
commit 296659cb50
2 changed files with 34 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
connector/openshift/openshift.go
View File

@@ -109,7 +109,7 @@ func (c *Config) Open(id string, logger log.Logger) (conn connector.Connector, e
Endpoint: oauth2.Endpoint{
AuthURL: metadata.Auth, TokenURL: metadata.Token,
},
Scopes: []string{"user:info", "user:check-access", "user:full"},
Scopes: []string{"user:info"},
RedirectURL: c.RedirectURI,
}
return &openshiftConnector, nil
@@ -168,7 +168,7 @@ func (c *openshiftConnector) HandleCallback(s connector.Scopes, r *http.Request)
validGroups := validateRequiredGroups(user.Groups, c.groups)
if !validGroups {
return identity, fmt.Errorf("openshift: user %q is not in any of the required teams", user.Name)
return identity, fmt.Errorf("openshift: user %q is not in any of the required groups", user.Name)
}
identity = connector.Identity{