feat: add stored attributes for generic OIDC

Co-authored-by: Simon Delicata <[email protected]>
traefik · Jun 28, 2024 · f709691 · f709691
1 parent 241482e
commit f709691
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 7 deletions.
diff --git a/pkg/apis/hub/v1alpha1/api_portal.go b/pkg/apis/hub/v1alpha1/api_portal.go
@@ -88,9 +88,9 @@ type OIDCConfigStatus struct {
 	// +optional
 	Scopes string `json:"scopes,omitempty"`
 
-	// ExternalIDClaim is the name of the JWT claim containing the user external ID.
+	// UserIDClaim is the name of the JWT claim containing the user ID.
 	// +optional
-	ExternalIDClaim string `json:"externalIdClaim,omitempty"`
+	UserIDClaim string `json:"userIdClaim,omitempty"`
 
 	// FirstnameClaim is the name of the JWT claim containing the user firstname.
 	// +optional
@@ -111,6 +111,10 @@ type OIDCConfigStatus struct {
 	// CompanyClaim is the name of the JWT claim containing the user company.
 	// +optional
 	CompanyClaim string `json:"companyClaim,omitempty"`
+
+	// SyncedAttributes configure the user attributes to sync.
+	// +optional
+	SyncedAttributes []string `json:"syncedAttributes,omitempty"`
 }
 
 // APIPortalStatus is the status of an APIPortal.

diff --git a/pkg/apis/hub/v1alpha1/crd/hub.traefik.io_apiportals.yaml b/pkg/apis/hub/v1alpha1/crd/hub.traefik.io_apiportals.yaml
@@ -89,10 +89,6 @@ spec:
                     description: EmailClaim is the name of the JWT claim containing
                       the user email.
                     type: string
-                  externalIdClaim:
-                    description: ExternalIDClaim is the name of the JWT claim containing
-                      the user external ID.
-                    type: string
                   firstnameClaim:
                     description: FirstnameClaim is the name of the JWT claim containing
                       the user firstname.
@@ -121,6 +117,16 @@ spec:
                     description: SecretName is the name of the secret containing the
                       OIDC ClientSecret for accessing the exposed APIPortal WebUI.
                     type: string
+                  syncedAttributes:
+                    description: SyncedAttributes configure the user attributes to
+                      sync.
+                    items:
+                      type: string
+                    type: array
+                  userIdClaim:
+                    description: UserIDClaim is the name of the JWT claim containing
+                      the user ID.
+                    type: string
                 type: object
               syncedAt:
                 format: date-time

diff --git a/pkg/apis/hub/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/hub/v1alpha1/zz_generated.deepcopy.go