The Keycloak-OPA plugin needs to be enhanced so that it allows configuring the input document for rules to the extent required by EOEPCA.
Currently identity attributes are always included and information about permissions and resources can optionally be included in a somewhat clumsy way. This needs to be simplified.
If further details are required, they should be made addable. Furthermore it might sometimes be useful to further limit the provided attributes, e.g. by a regex.
The Keycloak-OPA plugin needs to be enhanced so that it allows configuring the input document for rules to the extent required by EOEPCA. Currently identity attributes are always included and information about permissions and resources can optionally be included in a somewhat clumsy way. This needs to be simplified. If further details are required, they should be made addable. Furthermore it might sometimes be useful to further limit the provided attributes, e.g. by a regex.