feat: map info from OIDC claims to headers (#122)

* refactor: return all values from body in the providers

* refactor: only accept claims following the OIDC spec

* feat: map info from OIDC claims to headers

* feat: add support for required oauth groups

* fix: bot suggestions

* feat: get claims from github and google

* fix: close body correctly

internal/types/api.go

@@ -20,6 +20,7 @@ type OAuthRequest struct {
 type UnauthorizedQuery struct {
 	Username string `url:"username"`
 	Resource string `url:"resource"`
+	GroupErr bool   `url:"groupErr"`
 }
 
 // Proxy is the uri parameters for the proxy endpoint
@@ -33,6 +34,8 @@ type UserContextResponse struct {
 	Message     string `json:"message"`
 	IsLoggedIn  bool   `json:"isLoggedIn"`
 	Username    string `json:"username"`
+	Name        string `json:"name"`
+	Email       string `json:"email"`
 	Provider    string `json:"provider"`
 	Oauth       bool   `json:"oauth"`
 	TotpPending bool   `json:"totpPending"`

internal/types/config.go

@@ -78,3 +78,8 @@ type AuthConfig struct {
 	LoginTimeout    int
 	LoginMaxRetries int
 }
+
+// HooksConfig is the configuration for the hooks service
+type HooksConfig struct {
+	Domain string
+}

internal/types/types.go

@@ -25,8 +25,11 @@ type OAuthProviders struct {
 // SessionCookie is the cookie for the session (exculding the expiry)
 type SessionCookie struct {
 	Username    string
+	Name        string
+	Email       string
 	Provider    string
 	TotpPending bool
+	OAuthGroups string
 }
 
 // TinyauthLabels is the labels for the tinyauth container
@@ -35,15 +38,19 @@ type TinyauthLabels struct {
 	Users          string
 	Allowed        string
 	Headers        map[string]string
+	OAuthGroups    string
 }
 
 // UserContext is the context for the user
 type UserContext struct {
 	Username    string
+	Name        string
+	Email       string
 	IsLoggedIn  bool
 	OAuth       bool
 	Provider    string
 	TotpPending bool
+	OAuthGroups string
 }
 
 // LoginAttempt tracks information about login attempts for rate limiting