Auth OIDC organization

[xenion54]

Hi, im successfully add your plugin to my GLPI. Working with custom OIDC appliaction. All works fine. So, is there any whay to auto-select organization on new users by info from userInfo?

[eduardomozart]

Can you explain it further (with screenshots if possible)? If you mean Entity, the entity of the user is based on officeLocation of Office 365 (Azure) users, not sure if it works for other providers.

[xenion54]

There is possible to assign organization for each user. Its work by default without plugin. When i use plugin with custom OIDC provider, it creates user after login and fill some user profile fields like username, email, etc.
Plugin, get access token by code and after this, requesting userinfo endpoint. This endpoint response with mandatory OIDC data and some custom data. Is there any way to assign user to organization by searching some data from response of OIDC provider userinfo endpoint?

[xenion54]

I see, that method "findUser" creates user with some data. I can modify this code to extract needed to me information. I just dont know, how to assign user to organization by code in this place

[eduardomozart]

Can you enable the debug variable (set it to true) into inc/provider.class.php and login on your app? It may show an output with the data returned by your custom OIDC application (press "Esc" key when it's shown, otherwise the plugin will autoredirect you to GLPI), and if it returns standard fields for it's info we can include it on the plugin or if it's not standard maybe we can improve the plugin to allow you to setup which fields matches with the userinfo on GLPI DB.

[xenion54]

getResourceOwner: Array ( [sub] => 1 [name] => Test user [permissions] => Array ( [0] => /orgs/org1:/ ) )

I wont to search some "permission" in array and assign this permission to one of organization in GLPI.

If you think that its not worth to add to plugin, just pls assist to me to hardcode this in plugin fork for me. Thank for answer.