platform icon indicating copy to clipboard operation
platform copied to clipboard
verified publisher icon opentdf

feat: add option to resolve groups for users in Keycloak

Open dschmidt opened this issue 10 months ago • 1 comments

Proposed Changes

Optionally load groups when resolving users from keycloak. This allows specifying condition sets based on group membership.

I can add tests if you are interested in this patch at all.

Checklist

  • [ ] I have added or updated unit tests
  • [ ] I have added or updated integration tests (if appropriate)
  • [ ] I have added or updated documentation

Testing Instructions

With the development setup you have a sample-user who is a member of "mygroup". https://github.com/opentdf/platform/blob/a3d3f2a2ef913fc34a0489a54c4c92c7c5853491/service/internal/subjectmappingbuiltin/subject_mapping_builtin.go#L103

Set a breakpoint here and see the group being added to the flattened user entity.

dschmidt avatar Feb 18 '25 01:02 dschmidt

Thanks for the contribution! We'll review and add some comments. It will require some tests to ensure we can merge.

jrschumacher avatar Feb 18 '25 01:02 jrschumacher