From 0bb3b421b69e995f49f5b9d812e4f777837b3843 Mon Sep 17 00:00:00 2001 From: Petr Jeske Date: Wed, 21 Feb 2024 13:48:51 +0100 Subject: [PATCH] LX-77 Rename JIT user_groups scope & claim To be in line with community standards renaming OIDC user_groups scope, claim. Also is a custom scope naming limitation (customScopeName <-> resourceServerIdentifier/scopeName) in the aws cognito OIDC provider, and we would like to have JIT enabled also for cognito idp. --- .../src/main/kotlin/AuthenticationUtils.kt | 2 +- .../main/kotlin/JitProvisioningAuthenticationSuccessHandler.kt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/gooddata-server-oauth2-autoconfigure/src/main/kotlin/AuthenticationUtils.kt b/gooddata-server-oauth2-autoconfigure/src/main/kotlin/AuthenticationUtils.kt index 5b56996..8dea2f4 100644 --- a/gooddata-server-oauth2-autoconfigure/src/main/kotlin/AuthenticationUtils.kt +++ b/gooddata-server-oauth2-autoconfigure/src/main/kotlin/AuthenticationUtils.kt @@ -65,7 +65,7 @@ object OAuthConstants { * @see ClientRegistration */ const val REDIRECT_URL_BASE = "{baseUrl}/{action}/oauth2/code/" - const val GD_USER_GROUPS_SCOPE = "gd_user_groups" + const val GD_USER_GROUPS_SCOPE = "urn.gooddata.scope/user_groups" } /** diff --git a/gooddata-server-oauth2-autoconfigure/src/main/kotlin/JitProvisioningAuthenticationSuccessHandler.kt b/gooddata-server-oauth2-autoconfigure/src/main/kotlin/JitProvisioningAuthenticationSuccessHandler.kt index 290675d..f51b537 100644 --- a/gooddata-server-oauth2-autoconfigure/src/main/kotlin/JitProvisioningAuthenticationSuccessHandler.kt +++ b/gooddata-server-oauth2-autoconfigure/src/main/kotlin/JitProvisioningAuthenticationSuccessHandler.kt @@ -129,7 +129,7 @@ class JitProvisioningAuthenticationSuccessHandler( const val GIVEN_NAME = "given_name" const val FAMILY_NAME = "family_name" const val EMAIL = "email" - const val GD_USER_GROUPS = "gd_user_groups" + const val GD_USER_GROUPS = "urn.gooddata.user_groups" val mandatoryClaims = setOf(GIVEN_NAME, FAMILY_NAME, EMAIL) } }