Ask for epita scope too

2020-11-24 14:06:29 +01:00 · 2020-11-24 14:06:29 +01:00 · 56c408282b
commit 56c408282b
parent 7a686ecfa7
1 changed files with 7 additions and 6 deletions
--- a/auth_oidc.go
+++ b/auth_oidc.go
@ -47,7 +47,7 @@ func initializeOIDC() {
 			Endpoint: provider.Endpoint(),

 			// "openid" is a required scope for OpenID Connect flows.
-			Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
+			Scopes: []string{oidc.ScopeOpenID, "profile", "email", "epita"},
 		}

 		oidcConfig := oidc.Config{
@ -100,11 +100,12 @@ func OIDC_CRI_complete(w http.ResponseWriter, r *http.Request, ps httprouter.Par
 	}

 	var claims struct {
-		Firstname string `json:"given_name"`
-		Lastname  string `json:"family_name"`
-		Nickname  string `json:"nickname"`
-		Username  string `json:"preferred_username"`
-		Email     string `json:"email"`
+		Firstname string   `json:"given_name"`
+		Lastname  string   `json:"family_name"`
+		Nickname  string   `json:"nickname"`
+		Username  string   `json:"preferred_username"`
+		Email     string   `json:"email"`
+		Groups    []string `json:"groups"`
 	}
 	if err := idToken.Claims(&claims); err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)