nikdoof/rustical
1
1
Fork 0
mirror of https://github.com/lennart-k/rustical.git synced 2025-12-13 19:22:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(oidc): Fix login not working for missing groups claim

Browse Source 
see #87
This commit is contained in:
Lennart
2025-06-27 17:38:33 +02:00
parent 86ae31e94c
commit 1060625b9d
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
crates/oidc/src/error.rs
View File

@@ -7,6 +7,9 @@ pub enum OidcError {
#[error("Cannot generate redirect url, something's not configured correctly")] #[error("Cannot generate redirect url, something's not configured correctly")]
OidcParseError(#[from] ParseError), OidcParseError(#[from] ParseError),
#[error("Error fetching user info: {0}")]
UserInfo(String),
#[error(transparent)] #[error(transparent)]
OidcConfigurationError(#[from] ConfigurationError), OidcConfigurationError(#[from] ConfigurationError),

6
crates/oidc/src/lib.rs
View File

@@ -41,7 +41,7 @@ struct OidcState {
#[derive(Debug, Deserialize, Serialize)] #[derive(Debug, Deserialize, Serialize)]
struct GroupAdditionalClaims { struct GroupAdditionalClaims {
#[serde(default)] #[serde(default)]
pub groups: Vec<String>, groups: Option<Vec<String>>,
} }
impl openidconnect::AdditionalClaims for GroupAdditionalClaims {} impl openidconnect::AdditionalClaims for GroupAdditionalClaims {}
@@ -190,12 +190,14 @@ pub async fn route_get_oidc_callback<US: UserStore + Clone>(
)? )?
.request_async(&http_client) .request_async(&http_client)
.await .await
.map_err(|_| OidcError::Other("Error fetching user info"))?; .map_err(|e| OidcError::UserInfo(e.to_string()))?;
if let Some(require_group) = &oidc_config.require_group { if let Some(require_group) = &oidc_config.require_group {
if !user_info_claims if !user_info_claims
.additional_claims() .additional_claims()
.groups .groups
.clone()
.unwrap_or_default()
.contains(require_group) .contains(require_group)
{ {
return Ok(( return Ok((