[
https://issues.apache.org/jira/browse/GUACAMOLE-1172?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17193010#comment-17193010
]
IG commented on GUACAMOLE-1172:
-------------------------------
SonarQube is going this way :
[https://github.com/vaulttec/sonar-auth-oidc/blob/master/src/main/java/org/vaulttec/sonarqube/auth/oidc/OidcConfiguration.java#L182]
So is the Jenkins OIDC plugin :
[https://github.com/jenkinsci/oic-auth-plugin/blob/oic-auth-1.8/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java]
OneLogin on the other side suggests a dedicated `groups` scope containing the
`groups` claim :
[https://developers.onelogin.com/openid-connect/scopes]
In any case, the `groups` claim should be configured in the OpenID Provider to
be added to the ID token by default or by requesting a special scope.
>From the Relying Party (Guacamole) point-of-view, no matter how the claim is
>added, it will look for a `groups` claim (default setting).
If none present (or failure to retrieve), and empty group list is returned.
> Retrieve groups from OpenID
> ---------------------------
>
> Key: GUACAMOLE-1172
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1172
> Project: Guacamole
> Issue Type: Improvement
> Components: guacamole-auth-openid
> Reporter: IG
> Priority: Minor
>
> Allow groups from JWT claim to be assigned to the user
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
