add support for groups
+12
-5
+12
-5
example/auth/main.ts
+12
-5
example/auth/main.ts
···
66
66
return Response.json({
67
67
...oauth2Config,
68
68
userinfo_endpoint: new URL("/userinfo", url).toString(),
69
-
scopes_supported: ["openid", "email"],
69
+
scopes_supported: ["openid", "email", "groups"],
70
70
id_token_signing_alg_values_supported: ["ES256"],
71
+
}, {
72
+
headers: {
73
+
"content-type": "application/json",
74
+
"access-control-allow-origin": "*",
75
+
"access-control-allow-methods": "GET",
76
+
"access-control-allow-headers": "Content-Type",
77
+
}
71
78
})
72
79
}
73
80
···
99
106
100
107
const signinKey = await signingKeys(storage).then((keys) => keys[0])
101
108
const access_token = await jwtVerify<{
102
-
properties: {
103
-
email: string
104
-
}
109
+
type: string,
110
+
properties: Record<string, unknown>,
105
111
}>(tokens.access_token, signinKey.public)
106
112
const jwt = new SignJWT({
113
+
...access_token.payload.properties,
114
+
groups: [access_token.payload.type],
107
115
aud: access_token.payload.aud,
108
116
iss: access_token.payload.iss,
109
117
sub: access_token.payload.sub,
110
118
exp: access_token.payload.exp,
111
-
email: access_token.payload.properties.email,
112
119
})
113
120
114
121
jwt.setProtectedHeader(access_token.protectedHeader)