From 47ed3fc62883dc3fb98c98dae75e461b6d0fdfab Mon Sep 17 00:00:00 2001
From: Luke Tainton
Date: Tue, 6 Jan 2026 19:14:40 +0000
Subject: [PATCH] feat(oidc claims): extend Claims struct with additional fields for user attributes
---
 internal/http/handlers.go | 14 ++++++++++++++
 internal/oidc/client.go | 13 +++++++++----
 2 files changed, 23 insertions(+), 4 deletions(-)
diff --git a/internal/http/handlers.go b/internal/http/handlers.go
index 0f40991..a98b0a9 100644
--- a/internal/http/handlers.go
+++ b/internal/http/handlers.go
@@ -95,6 +95,20 @@ func Register(
 attrs[samlAttr] = []string{claims.Email}
 case "name":
 attrs[samlAttr] = []string{claims.Name}
+ case "display_name":
+ attrs[samlAttr] = []string{claims.DisplayName}
+ case "email_verified":
+ if claims.EmailVerified {
+ attrs[samlAttr] = []string{"true"}
+ } else {
+ attrs[samlAttr] = []string{"false"}
+ }
+ case "given_name":
+ attrs[samlAttr] = []string{claims.GivenName}
+ case "family_name":
+ attrs[samlAttr] = []string{claims.FamilyName}
+ case "preferred_username":
+ attrs[samlAttr] = []string{claims.PreferredUsername}
 case "role":
 attrs[samlAttr] = []string{mapRole(claims.Groups, sp)}
 }
diff --git a/internal/oidc/client.go b/internal/oidc/client.go
index 223bb34..6bd7397 100644
--- a/internal/oidc/client.go
+++ b/internal/oidc/client.go
@@ -39,10 +39,15 @@ func NewClient(cfg *config.Config) (*Client, error) {
 }

 type Claims struct {
- Subject string `json:"sub"`
- Email string `json:"email"`
- Name string `json:"name"`
- Groups []string `json:"groups"`
+ Subject string `json:"sub"`
+ Email string `json:"email"`
+ Name string `json:"name"`
+ Groups []string `json:"groups"`
+ DisplayName string `json:"display_name"`
+ EmailVerified bool `json:"email_verified"`
+ FamilyName string `json:"family_name"`
+ GivenName string `json:"given_name"`
+ PreferredUsername string `json:"preferred_username"`
 }

 func (c *Client) AuthCodeURL(state string, extra url.Values) string {
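Review bot: The new `email_verified` case only forwards the flag as a separate SAML attribute, while the `email` mapping in the context line just above still asserts `claims.Email` whether or not the provider verified it, so a service provider that matches accounts on email gains nothing unless it evaluates the second attribute itself. If any configured SP keys identity on email, consider withholding the address when it is unverified, e.g. `if claims.EmailVerified { attrs[samlAttr] = []string{claims.Email} }`, probably behind a per-SP option because some providers omit the claim and the zero value reads as false. The same care applies to `preferred_username`, which OIDC Core describes as mutable and not guaranteed unique; a comment such as `// preferred_username is mutable and not unique; SPs must not use it as an account key` would record that. Each new string case also emits `[]string{""}` when the claim is absent, which an SP may treat differently from a missing attribute. The enclosing switch and `Register` begin and end outside this hunk.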
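Review bot: `EmailVerified bool` will make decoding fail when a provider sends `email_verified` as a quoted string (`"true"`), which some identity providers are known to do; assuming `Claims` is filled through encoding/json, one optional attribute then breaks the whole login. A small boolean type with its own `UnmarshalJSON` that accepts both forms keeps `if claims.EmailVerified` in handlers.go compiling unchanged, and it needs `fmt` in scope in this file. The exported `Claims` type also has no doc comment; one is included below, and it should note that `display_name` is not a registered OIDC standard claim, so it is only populated by providers that add it. The lines before `type Claims struct` belong to `NewClient`, which starts outside the hunk.

```go
// flexBool decodes a JSON boolean or a quoted boolean ("true"/"false").
type flexBool bool

// UnmarshalJSON accepts true, false, "true", "false" and null.
func (b *flexBool) UnmarshalJSON(data []byte) error {
	switch string(data) {
	case "true", `"true"`:
		*b = true
	case "false", `"false"`, "null":
		*b = false
	default:
		return fmt.Errorf("email_verified: unexpected value %s", data)
	}
	return nil
}

// Claims holds the ID-token claims that are mapped to SAML attributes.
// Optional claims keep their zero value when the provider omits them.
type Claims struct {
	// … unchanged: Subject, Email, Name, Groups, DisplayName …
	EmailVerified flexBool `json:"email_verified"`
	// … unchanged: FamilyName, GivenName, PreferredUsername …
}
```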