DefGuard / defguard

Enterprise, fast, secure VPN & SSO platform with hardware keys, 2FA/MFA
https://defguard.net

Add groups claim to JWT token #577

Closed orlovmyk closed 4 months ago

orlovmyk commented 4 months ago

Is your feature request related to a problem? Please describe.
I want to filter user access based on groups I've assigned to them in Defguard. Right now there is only the admin default group, but it's enough.

Describe the solution you'd like
When connecting OIDC applications, there are some where you can specify bound claims, for example Vault, to manage access based on a specific claim. It falls under the OpenID specification:

https://openid.net/specs/openid-connect-core-1_0.html#AdditionalClaims

  {
   "userinfo":
    {
     "given_name": {"essential": true},
     "nickname": null,
     "email": {"essential": true},
     "email_verified": {"essential": true},
     "picture": null,
     "http://example.info/claims/groups": null
    },
   "id_token":
    {
     "auth_time": {"essential": true},
     "acr": {"values": ["urn:mace:incommon:iap:silver"] }
    }
  }

Describe alternatives you've considered
Filter by the sub claim (username).

Additional context
Current claims I got from Postman + jwt.io:

{
  "iss": "https://defguard.myk.pp.ua/",
  "aud": [
    "3Kv2LK8yzH56nNte"
  ],
  "exp": 1709897319,
  "iat": 1709292519,
  "nonce": "p8fpnni0rgc",
  "at_hash": "3inzoipr7SGCI4P46Pknug",
  "c_hash": "X4JJ1uq2NmOn8bNjF6Uo2A",
  "sub": "admin",
  "name": "DefGuard Administrator",
  "given_name": "DefGuard",
  "family_name": "Administrator",
  "preferred_username": "admin",
  "email": "admin@defguard"
}
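How a relying party (Vault in the post's example) could enforce such a claim once the provider issues it, as an added example that is not part of the original issue or of Defguard's code. The HS256 demo key, the `groups` claim name and the `now` parameter are assumptions; the issuer and client id reuse the values from the token above.

```python
import base64
import hashlib
import hmac
import json
import time

# Issuer and client id reuse the values from the token pasted above; the key is a
# constructed HS256 demo secret (a real deployment verifies the provider's RSA key).
ISSUER = "https://defguard.myk.pp.ua/"
CLIENT_ID = "3Kv2LK8yzH56nNte"
DEMO_KEY = b"constructed-demo-hmac-key"

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_id_token(claims: dict, key: bytes = DEMO_KEY) -> str:
    """Mint an HS256-signed JWT (stand-in for the identity provider) with the given claims."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"

def authorize(token: str, required_group: str, key: bytes = DEMO_KEY, now=None) -> str:
    """Verify signature, iss, aud and exp, then require `groups` to contain required_group.
    Returns sub on success; ValueError for a bad token, PermissionError for a group mismatch."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
    except ValueError:
        raise ValueError("malformed token")
    # Pin the algorithm rather than trusting the token header (defeats alg=none style tricks).
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    aud = claims.get("aud") if isinstance(claims.get("aud"), list) else [claims.get("aud")]
    if claims.get("iss") != ISSUER or CLIENT_ID not in aud:
        raise ValueError("token not issued by our provider for this client")
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("token expired")
    groups = claims.get("groups")  # claim name is an assumption; the provider defines it
    if not isinstance(groups, list):
        raise PermissionError("no groups claim: cannot apply group-based access")
    if required_group not in groups:
        raise PermissionError(f"user {claims.get('sub')!r} is not in {required_group!r}")
    return claims["sub"]
```

A token like the one pasted above, which carries no groups claim at all, is rejected outright rather than silently granted access.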

teon commented 4 months ago

@orlovmyk We have already implemented that, and it is waiting to be published in the upcoming 0.10.0 release. Could you also join our Matrix? I see you are a great user with good insights and would love to chat with you about your feedback.

orlovmyk commented 4 months ago

@teon Yep, sure, I will try to join Matrix and provide feedback 👍