Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

assign users to groups from OIDC claims #1115

Merged
merged 7 commits into from Oct 31, 2023
Merged

assign users to groups from OIDC claims #1115

merged 7 commits into from Oct 31, 2023

Conversation

jeriox
Copy link
Contributor

@jeriox jeriox commented Oct 23, 2023

closes #1105

@coveralls
Copy link

coveralls commented Oct 23, 2023
edited

Coverage Status

coverage: 88.124% (-0.003%) from 88.127% when pulling 03560be on oidc-groups into 55184b0 on main.

@lukasrad02
Copy link

lukasrad02 commented Oct 23, 2023
edited

From my, not Python- or Django-experienced perspective, only considering the overall OIDC stuff, this PR looks good.

Allowing dots for nested access only for the groups claim but not the other ones might seem like a random choice (especially for people not knwoing/using Keycloak's realm_access.roles default claim name). For consistency reasons, you might consider to add support for nested claims to all other claim identifiers or drop it from the groups.
Edit: Sorry, I did not notice that the other claims are hardcoded and use the OIDC default names, so the group claim is the only configurable one. But since there is no default for groups, your solution is fine.

@felixrindt felixrindt added the [C] enhancement Changes to an existing feature making it better label Oct 24, 2023
@jeriox
change default groups behaviour if OIDC group claims are used, displa…
6435d0b 
…y hint for group editing, hide password change view, hide client secret
@jeriox jeriox enabled auto-merge (squash) October 31, 2023 22:57
@jeriox jeriox merged commit 111ddf1 into main Oct 31, 2023
18 checks passed
@jeriox jeriox deleted the oidc-groups branch October 31, 2023 23:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lukasrad02 lukasrad02 lukasrad02 left review comments

@felixrindt felixrindt felixrindt approved these changes

Assignees
No one assigned
Labels
[C] enhancement Changes to an existing feature making it better
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Get groups from OIDC
4 participants
@jeriox @coveralls @lukasrad02 @felixrindt