Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oidc claim check #21

Open
DarthSlider opened this issue May 27, 2020 · 2 comments
Open

oidc claim check #21

DarthSlider opened this issue May 27, 2020 · 2 comments

Comments

@DarthSlider
Copy link

Feature request.

We have quite a big keycloak instance and now all users imported to keycloak from different user federations could log in into sentry.

It would be great if sentry could check for a specific claim in JWT like claim, or much better, any claim provided as key:value and reply with 403 for users without necessary rights.
@max-wittig
Copy link
Member

Hi @DarthSlider Thanks for the request. We actually face the same problem, but I haven't had the time to further investigate and I'm not even sure if this extension can fix this or if it's a problem in sentry itself. But I would be really happy to review any PRs!

@DarthSlider
Copy link
Author

DarthSlider commented May 27, 2020
edited
Loading

@max-wittig I'm not really know how this extension works, but I`m quite familiar with keycloak gatekeeper and it could check for a specific claim in jwt. Even Nginx could do it.
This plugin should check incoming jwt at least for expiration (exp claim), so the additional check doesn't look that hard.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@max-wittig @DarthSlider