aboutsummaryrefslogtreecommitdiffstats
path: root/services/auth/source/oauth2/source.go
diff options
context:
space:
mode:
authorKN4CK3R <admin@oldschoolhack.me>2023-02-08 07:44:42 +0100
committerGitHub <noreply@github.com>2023-02-08 14:44:42 +0800
commite8186f1c0f194ce3f63bed9a564002b80c0859c9 (patch)
tree75ffc50f54af2ef441ecf60448531b9e0ed64490 /services/auth/source/oauth2/source.go
parent2c6cc0b8c982b3d49a5b208f75e15b2269584312 (diff)
downloadgitea-e8186f1c0f194ce3f63bed9a564002b80c0859c9.tar.gz
gitea-e8186f1c0f194ce3f63bed9a564002b80c0859c9.zip
Map OIDC groups to Orgs/Teams (#21441)
Fixes #19555 Test-Instructions: https://github.com/go-gitea/gitea/pull/21441#issuecomment-1419438000 This PR implements the mapping of user groups provided by OIDC providers to orgs teams in Gitea. The main part is a refactoring of the existing LDAP code to make it usable from different providers. Refactorings: - Moved the router auth code from module to service because of import cycles - Changed some model methods to take a `Context` parameter - Moved the mapping code from LDAP to a common location I've tested it with Keycloak but other providers should work too. The JSON mapping format is the same as for LDAP. ![grafik](https://user-images.githubusercontent.com/1666336/195634392-3fc540fc-b229-4649-99ac-91ae8e19df2d.png) --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Diffstat (limited to 'services/auth/source/oauth2/source.go')
-rw-r--r--services/auth/source/oauth2/source.go23
1 files changed, 9 insertions, 14 deletions
diff --git a/services/auth/source/oauth2/source.go b/services/auth/source/oauth2/source.go
index 0abebc04ec..675005e55a 100644
--- a/services/auth/source/oauth2/source.go
+++ b/services/auth/source/oauth2/source.go
@@ -8,13 +8,6 @@ import (
"code.gitea.io/gitea/modules/json"
)
-// ________ _____ __ .__ ________
-// \_____ \ / _ \ __ ___/ |_| |__ \_____ \
-// / | \ / /_\ \| | \ __\ | \ / ____/
-// / | \/ | \ | /| | | Y \/ \
-// \_______ /\____|__ /____/ |__| |___| /\_______ \
-// \/ \/ \/ \/
-
// Source holds configuration for the OAuth2 login source.
type Source struct {
Provider string
@@ -24,13 +17,15 @@ type Source struct {
CustomURLMapping *CustomURLMapping
IconURL string
- Scopes []string
- RequiredClaimName string
- RequiredClaimValue string
- GroupClaimName string
- AdminGroup string
- RestrictedGroup string
- SkipLocalTwoFA bool `json:",omitempty"`
+ Scopes []string
+ RequiredClaimName string
+ RequiredClaimValue string
+ GroupClaimName string
+ AdminGroup string
+ GroupTeamMap string
+ GroupTeamMapRemoval bool
+ RestrictedGroup string
+ SkipLocalTwoFA bool `json:",omitempty"`
// reference to the authSource
authSource *auth.Source