[X] I agree to follow the Code of Conduct that this project adheres to.
[X] I have searched the issue tracker for an issue that matches the one I want to file, without success.
Problem Description
Since dex can gather all Google groups that belong to a user. we can extend the functionality to also support group claims on the JWT, even Google doesn't support this.
Currently, dex is only able to whitelist before sending the JWT to the user.
by adding a google group list on the JWT, we can further filter from the application side or from a proxy that supports JWT verification.
Proposed Solution
from the codebase, we can enforce this. but need help to make it configurable. this is some workaround that I did when forking the dex https://github.com/dexidp/dex/pull/3449
Preflight Checklist
Problem Description
Since dex can gather all Google groups that belong to a user. we can extend the functionality to also support group claims on the JWT, even Google doesn't support this.
Currently, dex is only able to whitelist before sending the JWT to the user.
by adding a google group list on the JWT, we can further filter from the application side or from a proxy that supports JWT verification.
Proposed Solution
from the codebase, we can enforce this. but need help to make it configurable. this is some workaround that I did when forking the dex https://github.com/dexidp/dex/pull/3449
Alternatives Considered
N/A
Additional Information
N/A