OIDC: Support Generic OAuth org to role mappings (#87394)

* Social: link to OrgRoleMapper * OIDC: support Generic Oauth org to role mappings Fixes: #73448 Signed-off-by: Mathieu Parent <math.parent@gmail.com> * Handle when getAllOrgs fails in the org_role_mapper * Add more tests * OIDC: ensure orgs are evaluated from API when not from token Signed-off-by: Mathieu Parent <math.parent@gmail.com> * OIDC: ensure AutoAssignOrg is applied with OrgMapping without RoleAttributeStrict Signed-off-by: Mathieu Parent <math.parent@gmail.com> * Extend docs * Fix test, lint --------- Signed-off-by: Mathieu Parent <math.parent@gmail.com> Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
2025-02-25 18:55:37 -06:00 · 2024-05-23 09:55:45 +02:00
parent 42126398be
commit b8c9ae0eb7
27 changed files with 673 additions and 359 deletions
--- a/pkg/services/org/orgtest/fake.go
+++ b/pkg/services/org/orgtest/fake.go
@@ -59,6 +59,11 @@ func (f *FakeOrgService) GetByID(ctx context.Context, query *org.GetOrgByIDQuery
 }

 func (f *FakeOrgService) GetByName(ctx context.Context, query *org.GetOrgByNameQuery) (*org.Org, error) {
+	for _, expectedOrg := range f.ExpectedOrgs {
+		if expectedOrg != nil && expectedOrg.Name == query.Name {
+			return &org.Org{ID: expectedOrg.ID, Name: expectedOrg.Name}, nil
+		}
+	}
 	return f.ExpectedOrg, f.ExpectedError
 }