Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

proxy: Assign user roles from OIDC claim #5784

Merged
merged 9 commits into from
Mar 20, 2023
Merged

proxy: Assign user roles from OIDC claim #5784

merged 9 commits into from
Mar 20, 2023

Commits on Mar 20, 2023

  1. proxy: Move to mockery for generating mocks 

    To align with what we're using everywhere else.
    @rhafer
    rhafer committed Mar 20, 2023
    Configuration menu
    Copy the full SHA
    dc976a2 View commit details
    Browse the repository at this point in the history

  2. account_resolver: Handle user roles separately from user lookup 

    This removes the "withRoles" flag from the GetUserByClaims lookup and move the
functionality into a separate method. This should make the code a bit more readable
in preparation for maintaining the RoleAssignments from OIDC claims.
    @rhafer
    rhafer committed Mar 20, 2023
    Configuration menu
    Copy the full SHA
    be5978c View commit details
    Browse the repository at this point in the history

  3. proxy: Move CS3 User backend options to "functional" options 

    This will make it easier to add/remove options to the backend in the
future.
    @rhafer
    rhafer committed Mar 20, 2023
    Configuration menu
    Copy the full SHA
    6918a88 View commit details
    Browse the repository at this point in the history

  4. proxy: Add an interface for user role assignment 

    This moves the lookup and the creation of the users' role assignemt out
of the user backend into its own interface. This makes the user backend
a bit simpler and allows to provide different implemenation for the user
role assignment more easily.
    @rhafer
    rhafer committed Mar 20, 2023
    Configuration menu
    Copy the full SHA
    fac6c52 View commit details
    Browse the repository at this point in the history

  5. Extract role assignments from claims 

    Add a UserRoleAssigner implementation that extract role names from the
users' claims and creates role assignments in the settings service based
on a configured mapping of claim values to ocis role names.

Closes: owncloud#5669
    @rhafer
    rhafer committed Mar 20, 2023
    Configuration menu
    Copy the full SHA
    b452d16 View commit details
    Browse the repository at this point in the history

  6. proxy: Add some missing doc strings

    @rhafer
    rhafer committed Mar 20, 2023
    Configuration menu
    Copy the full SHA
    0f59813 View commit details
    Browse the repository at this point in the history

  7. proxy: Cache the role Mapping for some time 

    Avoid torturing the settings service with "ListRoles" request for
every incoming request to the proxy.
The role Mapping is refreshed if cached data is older than 5 minutes.
    @rhafer
    rhafer committed Mar 20, 2023
    Configuration menu
    Copy the full SHA
    13cdcbb View commit details
    Browse the repository at this point in the history

  8. fix link

    @butonic @rhafer
    butonic authored and rhafer committed Mar 20, 2023
    Configuration menu
    Copy the full SHA
    02554ac View commit details
    Browse the repository at this point in the history

  9. Address some linter warnings 

    Response bodies need to be closed
    @rhafer
    rhafer committed Mar 20, 2023
    Configuration menu
    Copy the full SHA
    61d3488 View commit details
    Browse the repository at this point in the history