From 0235ceaa79c48014603fb57a40c9b870ff3e60e6 Mon Sep 17 00:00:00 2001
From: Jeremy Stott <jeremy@stott.co.nz>
Date: Mon, 15 Apr 2019 23:36:11 +1200
Subject: [PATCH] Add groups claim

---
 provider/provider.go | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/provider/provider.go b/provider/provider.go
index dbb84dd..22cc766 100644
--- a/provider/provider.go
+++ b/provider/provider.go
@@ -32,12 +32,13 @@ type Result struct {
 }
 
 type TokenClaims struct {
-	Issuer        string `json:"iss"`
-	Audience      string `json:"aud"`
-	Subject       string `json:"sub"`
-	Picture       string `json:"picture"`
-	Email         string `json:"email"`
-	EmailVerified bool   `json:"email_verified"`
+	Issuer        string   `json:"iss"`
+	Audience      string   `json:"aud"`
+	Subject       string   `json:"sub"`
+	Picture       string   `json:"picture"`
+	Email         string   `json:"email"`
+	EmailVerified bool     `json:"email_verified"`
+	Groups        []string `json:"groups"`
 }
 
 func Authenticate(p *ProviderConfig) (Result, error) {
@@ -68,7 +69,7 @@ func Authenticate(p *ProviderConfig) (Result, error) {
 		ClientSecret: p.ClientSecret,
 		Endpoint:     provider.Endpoint(),
 		RedirectURL:  redirectURL,
-		Scopes:       []string{oidc.ScopeOpenID, "profile", "email"},
+		Scopes:       []string{oidc.ScopeOpenID, "profile", "email", "groups"},
 	}
 
 	stateData := make([]byte, 32)