Revert ClaimMapping struct
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
This commit is contained in:
Happy2C0de
@@ -61,19 +61,16 @@ type Config struct {
|
||||
// This setting allows you to override the default behavior of Dex and enforce the mappings defined in `claimMapping`.
|
||||
OverrideClaimMapping bool `json:"overrideClaimMapping"` // defaults to false
|
||||
|
||||
ClaimMapping ClaimMapping `json:"claimMapping"`
|
||||
}
|
||||
ClaimMapping struct {
|
||||
// Configurable key which contains the preferred username claims
|
||||
PreferredUsernameKey string `json:"preferred_username"` // defaults to "preferred_username"
|
||||
|
||||
type ClaimMapping struct {
|
||||
// Configurable key which contains the email claims
|
||||
EmailKey string `json:"email"` // defaults to "email"
|
||||
|
||||
// Configurable key which contains the preferred username claims
|
||||
PreferredUsernameKey string `json:"preferred_username"` // defaults to "preferred_username"
|
||||
|
||||
// Configurable key which contains the email claims
|
||||
EmailKey string `json:"email"` // defaults to "email"
|
||||
|
||||
// Configurable key which contains the groups claims
|
||||
GroupsKey string `json:"groups"` // defaults to "groups"
|
||||
// Configurable key which contains the groups claims
|
||||
GroupsKey string `json:"groups"` // defaults to "groups"
|
||||
} `json:"claimMapping"`
|
||||
}
|
||||
|
||||
// Domains that don't support basic auth. golang.org/x/oauth2 has an internal
|
||||
@@ -162,7 +159,9 @@ func (c *Config) Open(id string, logger log.Logger) (conn connector.Connector, e
|
||||
userIDKey: c.UserIDKey,
|
||||
userNameKey: c.UserNameKey,
|
||||
overrideClaimMapping: c.OverrideClaimMapping,
|
||||
claimMapping: c.ClaimMapping,
|
||||
preferredUsernameKey: c.ClaimMapping.PreferredUsernameKey,
|
||||
emailKey: c.ClaimMapping.EmailKey,
|
||||
groupsKey: c.ClaimMapping.GroupsKey,
|
||||
}, nil
|
||||
}
|
||||
|
||||
@@ -186,7 +185,9 @@ type oidcConnector struct {
|
||||
userIDKey string
|
||||
userNameKey string
|
||||
overrideClaimMapping bool
|
||||
claimMapping ClaimMapping
|
||||
preferredUsernameKey string
|
||||
emailKey string
|
||||
groupsKey string
|
||||
}
|
||||
|
||||
func (c *oidcConnector) Close() error {
|
||||
@@ -296,8 +297,8 @@ func (c *oidcConnector) createIdentity(ctx context.Context, identity connector.I
|
||||
|
||||
prefUsername := "preferred_username"
|
||||
preferredUsername, found := claims[prefUsername].(string)
|
||||
if (!found || c.overrideClaimMapping) && c.claimMapping.PreferredUsernameKey != "" {
|
||||
prefUsername = c.claimMapping.PreferredUsernameKey
|
||||
if (!found || c.overrideClaimMapping) && c.preferredUsernameKey != "" {
|
||||
prefUsername = c.preferredUsernameKey
|
||||
preferredUsername, found = claims[prefUsername].(string)
|
||||
if !found {
|
||||
return identity, fmt.Errorf("missing \"%s\" claim", prefUsername)
|
||||
@@ -315,8 +316,8 @@ func (c *oidcConnector) createIdentity(ctx context.Context, identity connector.I
|
||||
var email string
|
||||
emailKey := "email"
|
||||
email, found = claims[emailKey].(string)
|
||||
if (!found || c.overrideClaimMapping) && c.claimMapping.EmailKey != "" {
|
||||
emailKey = c.claimMapping.EmailKey
|
||||
if (!found || c.overrideClaimMapping) && c.emailKey != "" {
|
||||
emailKey = c.emailKey
|
||||
email, found = claims[emailKey].(string)
|
||||
if !found {
|
||||
return identity, fmt.Errorf("missing \"%s\" claim", emailKey)
|
||||
@@ -340,8 +341,8 @@ func (c *oidcConnector) createIdentity(ctx context.Context, identity connector.I
|
||||
if c.insecureEnableGroups {
|
||||
groupsKey := "groups"
|
||||
vs, found := claims[groupsKey].([]interface{})
|
||||
if (!found || c.overrideClaimMapping) && c.claimMapping.GroupsKey != "" {
|
||||
groupsKey = c.claimMapping.GroupsKey
|
||||
if (!found || c.overrideClaimMapping) && c.groupsKey != "" {
|
||||
groupsKey = c.groupsKey
|
||||
vs, found = claims[groupsKey].([]interface{})
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user