From 87b3469e62f3c89922af6106f4a46038d8a75cf1 Mon Sep 17 00:00:00 2001
From: mod242 <40213799+mod242@users.noreply.github.com>
Date: Fri, 23 Jan 2026 11:18:05 +0100
Subject: [PATCH] Make Picture Claim configureable
---
 .../authentication/oauth2/definition.yml | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/server/modules/authentication/oauth2/definition.yml b/server/modules/authentication/oauth2/definition.yml
index 0e599629..254bec0d 100644
--- a/server/modules/authentication/oauth2/definition.yml
+++ b/server/modules/authentication/oauth2/definition.yml
@@ -54,38 +54,45 @@ props:
 default: email
 maxWidth: 500
 order: 8
+ pictureClaim:
+ type: String
+ title: Picture Claim
+ hint: Field containing the user avatar URL
+ default: picture
+ maxWidth: 500
+ order: 9
 mapGroups:
 type: Boolean
 title: Map Groups
 hint: Map groups matching names from the groups claim value
 default: false
- order: 9
+ order: 10
 groupsClaim:
 type: String
 title: Groups Claim
 hint: Field containing the group names
 default: groups
 maxWidth: 500
- order: 10
+ order: 11
 logoutURL:
 type: String
 title: Logout URL
 hint: (optional) Logout URL on the OAuth2 provider where the user will be redirected to complete the logout process.
- order: 11
+ order: 12
 scope:
 type: String
 title: Scope
 hint: (optional) Application Client permission scopes.
- order: 12
+ order: 13
 useQueryStringForAccessToken:
 type: Boolean
 default: false
 title: Pass access token via GET query string to User Info Endpoint
 hint: (optional) Pass the access token in an `access_token` parameter attached to the GET query string of the User Info Endpoint URL. Otherwise the access token will be passed in the Authorization header.
- order: 13
+ order: 14
 enableCSRFProtection:
 type: Boolean
 default: true
 title: Enable CSRF protection
 hint: Pass a nonce state parameter during authentication to protect against CSRF attacks.
- order: 14
+ order: 15
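Review bot: The new `pictureClaim` prop (order 9) lets an admin choose which userinfo field supplies the avatar URL, but nothing in this patch shows that value being validated before it is stored or rendered. The patch touches only definition.yml, so the code that reads the claim is outside this view. If that code passes the value through unchanged, it should accept only an absolute `https:` URL of bounded length and otherwise fall back to no avatar, because a provider-controlled string would become an image source that every viewer's browser fetches. The hint should also state the contract, e.g. `hint: (optional) Field containing the user avatar URL (https only). Leave empty to skip avatar import.`, assuming the consumer treats an empty value that way.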