3bdb287b78
* providers/oauth2: fix amr claim not set due to login event not associated Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add sid claim Signed-off-by: Jens Langhammer <jens@goauthentik.io> * import engine only once Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove manual sid extraction from proxy, add test, make session key hashing more obvious Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated string fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
23 lines
794 B
YAML
23 lines
794 B
YAML
version: 1
|
|
metadata:
|
|
labels:
|
|
blueprints.goauthentik.io/system: "true"
|
|
name: System - Proxy Provider - Scopes
|
|
entries:
|
|
- identifiers:
|
|
managed: goauthentik.io/providers/proxy/scope-proxy
|
|
model: authentik_providers_oauth2.scopemapping
|
|
attrs:
|
|
name: "authentik default OAuth Mapping: Proxy outpost"
|
|
scope_name: ak_proxy
|
|
description: authentik Proxy - User information
|
|
expression: |
|
|
# This mapping is used by the authentik proxy. It passes extra user attributes,
|
|
# which are used for example for the HTTP-Basic Authentication mapping.
|
|
return {
|
|
"ak_proxy": {
|
|
"user_attributes": request.user.group_attributes(request),
|
|
"is_superuser": request.user.is_superuser,
|
|
}
|
|
}
|