search

PhilipSkinner / elemental-lowcode

Elemental lowcode development platform.
MIT License
113 stars 17 forks source link

Client claims #148

Closed PhilipSkinner closed 2 years ago

PhilipSkinner commented 2 years ago

Add the ability to configure claims for any user that logs in through that client:

{
  "client_id" : "my-client",
  "client_secret" : "my really secret secret",
  "scope" : "openid roles",
  "client_claims" : {
    "role" : [
      "my_role",
      "another_role"
    ]
  },
  "user_claims" : [
    "group" : "user-group",
    "role" : [
      "user_role",
      "another_role"
    ]
  ],
  "redirect_uris" : [
    "https://my.website"
  ]
}

The claims held within the client_claims collection are used when generating tokens for clients (through client credentials flow - already implemented).

The claims held within user_claims are appended into the authenticating users claim when a user logs in via the client using auth code flow.

PhilipSkinner commented 2 years ago

Done and pushed into latest.