af78c3925a
Some identity providers like GitLab do not provide information about group membership as part of the identity token claims. They only expose it via OIDC compatible '/oauth/userinfo' endpoint, as described in the OpenID Connect 1.0 sepcification. But this of course requires application to make sure to add additional accessToken, since idToken cannot be re-used to perform the same 'userinfo' call. This is why this is specialized requirement. Gitlab seems to be the only OpenID vendor that requires this support for the time being. fixes #12367 |
||
|---|---|---|
| .. | ||
| provider | ||
| ecdsa-sha3_contrib.go | ||
| help.go | ||
| jwks.go | ||
| jwks_test.go | ||
| jwt.go | ||
| jwt_test.go | ||
| legacy.go | ||
| rsa-sha3_contrib.go | ||
| validators.go | ||
| validators_test.go | ||