diff mod_groups_oidc/mod_groups_oidc.lua @ 5504:7d9dce4e7dd0

mod_groups_oidc: Expose groups to OAuth clients
author Kim Alvefur <zash@zash.se>
date Thu, 01 Jun 2023 18:32:59 +0200
parents
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mod_groups_oidc/mod_groups_oidc.lua	Thu Jun 01 18:32:59 2023 +0200
@@ -0,0 +1,15 @@
+local array = require "util.array";
+
+module:add_item("openid-claim", "groups");
+
+local group_memberships = module:open_store("groups", "map");
+local function user_groups(username)
+	return pairs(group_memberships:get_all(username) or {});
+end
+
+module:hook("token/userinfo", function(event)
+	local userinfo = event.userinfo;
+	if event.claims:contains("groups") then
+		userinfo.groups = array(user_groups(event.username));
+	end
+end);