Skip to content

allow using different field as identifier, configurable per idp#5556

Merged
jessegeens merged 3 commits intomasterfrom
feat/lw-acls-email
Apr 29, 2026
Merged

allow using different field as identifier, configurable per idp#5556
jessegeens merged 3 commits intomasterfrom
feat/lw-acls-email

Conversation

@jessegeens
Copy link
Copy Markdown
Contributor

@jessegeens jessegeens commented Mar 25, 2026
edited
Loading

For having CERN users keep sub, external users use email:

  [grpc.services.authprovider.auth_managers.oidc]                                                                                                                                                                                                                                                                           
  default_id_claim = "email"

  [grpc.services.authprovider.auth_managers.oidc.idp_to_id_claim]                                                                                                                                                                                                                                                           
  "f3700f7d-85b5-4b29-b6b4-987522ac9ea6" = "sub"

This PR goes together with cernbox/reva-plugins#67

@update-docs
Copy link
Copy Markdown

update-docs Bot commented Mar 25, 2026

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

@jessegeens jessegeens force-pushed the release-3.7 branch 2 times, most recently from fc19a42 to f72abec Compare March 30, 2026 09:14
@jessegeens jessegeens force-pushed the feat/lw-acls-email branch 2 times, most recently from f786d06 to d4c2724 Compare March 30, 2026 11:37
@jessegeens jessegeens force-pushed the feat/lw-acls-email branch 2 times, most recently from 168c893 to 71ba185 Compare March 31, 2026 11:36
@jessegeens jessegeens force-pushed the feat/lw-acls-email branch 6 times, most recently from 13b917f to 59648dc Compare April 8, 2026 12:34
@jessegeens jessegeens marked this pull request as ready for review April 8, 2026 12:42
diocas
diocas requested changes Apr 13, 2026
View reviewed changes
Comment thread internal/grpc/services/gateway/storageprovider.go
Base automatically changed from release-3.7 to master April 14, 2026 07:11
@jessegeens jessegeens force-pushed the feat/lw-acls-email branch 5 times, most recently from 5a8208c to 6b5ad45 Compare April 15, 2026 13:01
@jessegeens jessegeens requested a review from diocas April 15, 2026 13:05
diocas
diocas previously approved these changes Apr 21, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@diocas diocas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From what I could see, the provider changes with linked accounts, right? So this would work as we expected and we don't need anything else, right? (even though users might be confused).

@jessegeens
Copy link
Copy Markdown
Contributor Author

jessegeens commented Apr 22, 2026

From what I could see, the provider changes with linked accounts, right? So this would work as we expected and we don't need anything else, right? (even though users might be confused).

Yes, so your opaque id will become your cern email address and not your username. So from this side this should be all that's needed.

glpatcern
glpatcern previously approved these changes Apr 27, 2026
View reviewed changes
@jessegeens jessegeens merged commit 85e5c34 into master Apr 29, 2026
16 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@glpatcern glpatcern glpatcern approved these changes

@diocas diocas diocas left review comments

@rawe0 rawe0 Awaiting requested review from rawe0 rawe0 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jessegeens @diocas @glpatcern