Mercurial > prosody-modules

view mod_groups_oidc/mod_groups_oidc.lua @ 5694:8afa0fb8a73e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_client_management: Report on longest lived token when grant does not expire E.g. for mod_http_oauth2 where by default the grant itself is unlimited, while refresh tokens are issued with one week lifetime, but are renewed with each use.
author Kim Alvefur <zash@zash.se>
date Fri, 10 Nov 2023 00:26:17 +0100
parents 7d9dce4e7dd0
children
line wrap: on
line source

local array = require "util.array";

module:add_item("openid-claim", "groups");

local group_memberships = module:open_store("groups", "map");
local function user_groups(username)
	return pairs(group_memberships:get_all(username) or {});
end

module:hook("token/userinfo", function(event)
	local userinfo = event.userinfo;
	if event.claims:contains("groups") then
		userinfo.groups = array(user_groups(event.username));
	end
end);