Claymore
Reputation: 11
Get the user's group from IAP
I would like to configure IAP to grant a different level of access based on who is logged in. Then I create several groups that will ensure that I can manage the type of profiling on the application. When I extract the return header from IAP I only have these values:
aud,su,identity_source,azp,exp,hd,iat,email
I extract these values from Authentication like this:
Jwt jwt = (Jwt) authentication.getPrincipal();
Map<String, Object> claims = jwt.getClaims();
for (Map.Entry<String, Object> entry : claims.entrySet()) {
String key = entry.getKey();
Object value = entry.getValue();
logger.info(key + " : " + value.toString());
}
What I would like is for example:
- UserX from the admin-iap group can interact with all the features of the application
- UserY from the developer-iap group can only see some pages of the application
- UserZ ecc...
In addition to the group, is it possible to extract some user information, for example Name and Surname?
Is it possible to test IAP authentication locally with Spring?
Upvotes: 0
Views: 48
Answers (0)
Related Questions
- How to change the project in GCP using CLI commands
- What is the difference between Google App Engine and Google Compute Engine?
- IAP accepts expired token in GCP
- Using Salesforce Named Credentials Against Google IAP
- Trouble authorizing access to App Engine via IAP
- Emulating Google IAP headers in development
- Programmatic access from a service account to a Google IAP protected resource denied with invalid signature error
- Springboot get username from Authentication via Controller
- How to filter JWT authentication authorities based on http header