idp/proxy: Match users by ID instead of name by default

Reconfigure the oidc clients for lico, so that lico adds the "lg.uuid" to
tokens and userinfo by default. That claim will contain the userid. So
we can now use the userid for matching users when using the default
idm/idp configuration. This fixes further problems so that users being
recreated with the same name are correctly treated as different users.

Fixes: #904
This commit is contained in:
Ralf Haferkamp
2023-05-17 10:57:49 +02:00
committed by Ralf Haferkamp
parent e17194df63
commit 52951b42b0
5 changed files with 16 additions and 7 deletions

@@ -340,8 +340,10 @@ func loadMiddlewares(ctx context.Context, logger log.Logger, cfg *config.Config,
if cfg.EnableBasicAuth {
logger.Warn().Msg("basic auth enabled, use only for testing or development")
authenticators = append(authenticators, middleware.BasicAuthenticator{
Logger: logger,
UserProvider: userProvider,
Logger: logger,
UserProvider: userProvider,
UserCS3Claim: cfg.UserCS3Claim,
UserOIDCClaim: cfg.UserOIDCClaim,
})
}
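Review bot: the two new fields passed to middleware.BasicAuthenticator, UserCS3Claim and UserOIDCClaim, are copied straight from cfg, and nothing in this hunk checks that they are non-empty or hold a supported value. The basic-auth path has no OIDC token to read a claim from, so please document on the struct fields how BasicAuthenticator uses UserOIDCClaim. Please also make the authenticator reject an empty or unknown UserCS3Claim instead of falling back to matching by name, since name matching is what this commit moves away from. Separately, this branch only runs when cfg.EnableBasicAuth is set and already logs a warning, so a test covering basic auth with the new default claim values would confirm that the testing and development setup still resolves users.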