search

arrikto / oidc-authservice

This is a fork/refactoring of the ajmyyra/ambassador-auth-oidc project
MIT License
87 stars 65 forks source link

server: Implement groups authorizer #40

Closed yanniszark closed 4 years ago

yanniszark commented 4 years ago

Add the notion of authorizers to the AuthService and implement an authorizer for groups. At first, the authorizer will just take an allowlist and use it to determine if the request is allowed or not.

Signed-off-by: Yannis Zarkadas yanniszark@arrikto.com

yhwang commented 4 years ago

One question: is the new Group Claim mandatory or optional?

yanniszark commented 4 years ago

One question: is the new Group Claim mandatory or optional?

Hi @yhwang! The Groups claim is optional. If it isn't found, the code will resume as normal.