To implement group support between Rauthy (OIDC IdP) and Part-DB (SAML SP), I've added
attributes:
group:
openid: [groups]
saml: [group]to internal_attributes (and it works!.. well, one group is picked after all but still).
But it's getting filtered out when converted from internal attrs, so I've also had to hack _get_approved_attributes like so:
for aconv in attrconvs:
if aconv.name_format == name_format:
all_attributes = {v: None for v in aconv._fro.values()}
all_attributes['group'] = None # HACK
attribute_filter = list(idp_policy.restrict(all_attributes, sp_entity_id).keys())
breakI couldn't figure out where the filter comes from, it doesn't seem to be changeable from the yaml configs, or is it just not documented?
To implement group support between Rauthy (OIDC IdP) and Part-DB (SAML SP), I've added
to
internal_attributes(and it works!.. well, one group is picked after all but still).But it's getting filtered out when converted from internal attrs, so I've also had to hack
_get_approved_attributeslike so:I couldn't figure out where the filter comes from, it doesn't seem to be changeable from the yaml configs, or is it just not documented?