lordwelch/aws-oidc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add groups claim

Browse Source
This commit is contained in:
Jeremy Stott 2019-04-15 23:36:11 +12:00
parent 653521ed9f
commit 0235ceaa79
1 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
provider/provider.go
View File

@ -32,12 +32,13 @@ type Result struct {
} }
type TokenClaims struct { type TokenClaims struct {
Issuer string `json:"iss"` Issuer string `json:"iss"`
Audience string `json:"aud"` Audience string `json:"aud"`
Subject string `json:"sub"` Subject string `json:"sub"`
Picture string `json:"picture"` Picture string `json:"picture"`
Email string `json:"email"` Email string `json:"email"`
EmailVerified bool `json:"email_verified"` EmailVerified bool `json:"email_verified"`
Groups []string `json:"groups"`
} }
func Authenticate(p *ProviderConfig) (Result, error) { func Authenticate(p *ProviderConfig) (Result, error) {
@ -68,7 +69,7 @@ func Authenticate(p *ProviderConfig) (Result, error) {
ClientSecret: p.ClientSecret, ClientSecret: p.ClientSecret,
Endpoint: provider.Endpoint(), Endpoint: provider.Endpoint(),
RedirectURL: redirectURL, RedirectURL: redirectURL,
Scopes: []string{oidc.ScopeOpenID, "profile", "email"}, Scopes: []string{oidc.ScopeOpenID, "profile", "email", "groups"},
} }
stateData := make([]byte, 32) stateData := make([]byte, 32)