-
Notifications
You must be signed in to change notification settings - Fork 182
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
proxy: Assign user roles from OIDC claim #5784
Commits on Mar 20, 2023
-
proxy: Move to mockery for generating mocks
To align with what we're using everywhere else.
Configuration menu - View commit details
-
Copy full SHA for dc976a2 - Browse repository at this point
Copy the full SHA dc976a2View commit details -
account_resolver: Handle user roles separately from user lookup
This removes the "withRoles" flag from the GetUserByClaims lookup and move the functionality into a separate method. This should make the code a bit more readable in preparation for maintaining the RoleAssignments from OIDC claims.
Configuration menu - View commit details
-
Copy full SHA for be5978c - Browse repository at this point
Copy the full SHA be5978cView commit details -
proxy: Move CS3 User backend options to "functional" options
This will make it easier to add/remove options to the backend in the future.
Configuration menu - View commit details
-
Copy full SHA for 6918a88 - Browse repository at this point
Copy the full SHA 6918a88View commit details -
proxy: Add an interface for user role assignment
This moves the lookup and the creation of the users' role assignemt out of the user backend into its own interface. This makes the user backend a bit simpler and allows to provide different implemenation for the user role assignment more easily.
Configuration menu - View commit details
-
Copy full SHA for fac6c52 - Browse repository at this point
Copy the full SHA fac6c52View commit details -
Extract role assignments from claims
Add a UserRoleAssigner implementation that extract role names from the users' claims and creates role assignments in the settings service based on a configured mapping of claim values to ocis role names. Closes: owncloud#5669
Configuration menu - View commit details
-
Copy full SHA for b452d16 - Browse repository at this point
Copy the full SHA b452d16View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0f59813 - Browse repository at this point
Copy the full SHA 0f59813View commit details -
proxy: Cache the role Mapping for some time
Avoid torturing the settings service with "ListRoles" request for every incoming request to the proxy. The role Mapping is refreshed if cached data is older than 5 minutes.
Configuration menu - View commit details
-
Copy full SHA for 13cdcbb - Browse repository at this point
Copy the full SHA 13cdcbbView commit details -
Configuration menu - View commit details
-
Copy full SHA for 02554ac - Browse repository at this point
Copy the full SHA 02554acView commit details -
Configuration menu - View commit details
-
Copy full SHA for 61d3488 - Browse repository at this point
Copy the full SHA 61d3488View commit details