google connector: support group claim on JWT #3448

zufardhiyaulhaq · 2024-04-04T16:54:25Z

Preflight Checklist

I agree to follow the Code of Conduct that this project adheres to.
I have searched the issue tracker for an issue that matches the one I want to file, without success.

Problem Description

Since dex can gather all Google groups that belong to a user. we can extend the functionality to also support group claims on the JWT, even Google doesn't support this.

Currently, dex is only able to whitelist before sending the JWT to the user.

by adding a google group list on the JWT, we can further filter from the application side or from a proxy that supports JWT verification.

Proposed Solution

from the codebase, we can enforce this. but need help to make it configurable. this is some workaround that I did when forking the dex #3449

Alternatives Considered

N/A

Additional Information

N/A

zufardhiyaulhaq · 2024-04-16T16:15:03Z

Hi @nabokihms I am not sure which one should I tag,

I believe this is good feature since we can implement RBAC based on google group when extracting JWT from client on 3rd party gateway,

zufardhiyaulhaq mentioned this issue Apr 4, 2024

feat: implement google group claim in JWT #3449

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

google connector: support group claim on JWT #3448

google connector: support group claim on JWT #3448

zufardhiyaulhaq commented Apr 4, 2024 •

edited

zufardhiyaulhaq commented Apr 16, 2024

google connector: support group claim on JWT #3448

google connector: support group claim on JWT #3448

Comments

zufardhiyaulhaq commented Apr 4, 2024 • edited

Preflight Checklist

Problem Description

Proposed Solution

Alternatives Considered

Additional Information

zufardhiyaulhaq commented Apr 16, 2024

zufardhiyaulhaq commented Apr 4, 2024 •

edited