feat: assign users to teams via OIDC claims (#1393)

This change adds the ability to sync teams via a custom openid claim. Vikunja will automatically create and delete teams as necessary, it will also add and remove users when they log in. These teams are fully managed by Vikunja and cannot be updated by a user. Co-authored-by: kolaente <k@knt.li> Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/1393 Resolves https://kolaente.dev/vikunja/vikunja/issues/1279 Resolves https://github.com/go-vikunja/vikunja/issues/42 Resolves https://kolaente.dev/vikunja/vikunja/issues/950 Co-authored-by: viehlieb <pf@pragma-shift.net> Co-committed-by: viehlieb <pf@pragma-shift.net>
2024-03-02 08:47:10 +00:00
parent f18cde269b
commit ed4da96ab1
26 changed files with 686 additions and 32 deletions
--- a/pkg/modules/auth/openid/providers.go
+++ b/pkg/modules/auth/openid/providers.go
@ -125,6 +125,10 @@ func getProviderFromMap(pi map[string]interface{}) (provider *Provider, err erro
 		logoutURL = ""
 	}

+	scope, _ := pi["scope"].(string)
+	if scope == "" {
+		scope = "openid profile email"
+	}
 	provider = &Provider{
 		Name:            pi["name"].(string),
 		Key:             k,
@ -132,6 +136,7 @@ func getProviderFromMap(pi map[string]interface{}) (provider *Provider, err erro
 		OriginalAuthURL: pi["authurl"].(string),
 		ClientSecret:    pi["clientsecret"].(string),
 		LogoutURL:       logoutURL,
+		Scope:           scope,
 	}

 	cl, is := pi["clientid"].(int)