forgejo/services/auth
KN4CK3R e8186f1c0f
Map OIDC groups to Orgs/Teams (#21441)
Fixes #19555

Test-Instructions:
https://github.com/go-gitea/gitea/pull/21441#issuecomment-1419438000

This PR implements the mapping of user groups provided by OIDC providers
to orgs teams in Gitea. The main part is a refactoring of the existing
LDAP code to make it usable from different providers.

Refactorings:
- Moved the router auth code from module to service because of import
cycles
- Changed some model methods to take a `Context` parameter
- Moved the mapping code from LDAP to a common location

I've tested it with Keycloak but other providers should work too. The
JSON mapping format is the same as for LDAP.


![grafik](https://user-images.githubusercontent.com/1666336/195634392-3fc540fc-b229-4649-99ac-91ae8e19df2d.png)

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-08 14:44:42 +08:00
..
source Map OIDC groups to Orgs/Teams (#21441) 2023-02-08 14:44:42 +08:00
auth.go
auth_test.go
basic.go Implement actions (#21937) 2023-01-31 09:45:19 +08:00
group.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
httpsign.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
interface.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
middleware.go Map OIDC groups to Orgs/Teams (#21441) 2023-02-08 14:44:42 +08:00
oauth2.go Implement actions (#21937) 2023-01-31 09:45:19 +08:00
reverseproxy.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
session.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
signin.go
source.go
sspi_windows.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
sync.go