Ajout de 'roles' dans les scopes par défaut

This commit is contained in:
wpetit 2022-08-26 13:55:27 +02:00
parent a00a64a11e
commit 126dbf66c2
2 changed files with 13 additions and 1 deletions

View File

@ -88,6 +88,10 @@ hydra_passwordless_sender_name: "[hydra-passwordless]"
hydra_passwordless_attributes_rewrite_rules: hydra_passwordless_attributes_rewrite_rules:
email: email:
- consent.session.id_token.email - consent.session.id_token.email
email_verified:
- consent.session.id_token.email_verified
roles:
- "[]"
# Hydra SAML configuration # Hydra SAML configuration
@ -181,6 +185,8 @@ hydra_oidc_attributes_rewrite_rules:
- consent.session.id_token.birthplace - consent.session.id_token.birthplace
birthcountry: birthcountry:
- consent.session.id_token.birthcountry - consent.session.id_token.birthcountry
roles:
- "[]"
# Hydra LDAP configuration # Hydra LDAP configuration
@ -192,6 +198,12 @@ hydra_ldap_dev_mode: false
hydra_ldap_attributes_rewrite_rules: hydra_ldap_attributes_rewrite_rules:
email: email:
- consent.session.id_token.email - consent.session.id_token.email
family_name:
- consent.session.id_token.family_name
given_name:
- consent.session.id_token.given_name
roles:
- consent.session.id_token.roles
hydra_ldap_endpoints: [] hydra_ldap_endpoints: []
hydra_ldap_bind_dn: hydra_ldap_bind_dn:
hydra_ldap_bind_password: hydra_ldap_bind_password:

View File

@ -9,6 +9,6 @@
"redirect_uris": {{ item.redirect_uris | default([]) | to_json }}, "redirect_uris": {{ item.redirect_uris | default([]) | to_json }},
"response_types": {{ item.response_types | default(["code"]) | to_json }}, "response_types": {{ item.response_types | default(["code"]) | to_json }},
"logo_uri": {{ item.logo_uri | default("") | to_json }}, "logo_uri": {{ item.logo_uri | default("") | to_json }},
"scope": {{ item.scope | default("openid profile email") | to_json }}, "scope": {{ item.scope | default("openid profile email roles") | to_json }},
"token_endpoint_auth_method": {{ item.token_endpoint_auth_method | default("client_secret_post") | to_json }} "token_endpoint_auth_method": {{ item.token_endpoint_auth_method | default("client_secret_post") | to_json }}
} }