Refactored LDAP and Keycloak implementation and added RBAC based groups to Keycloak

2025-08-29 15:06:26 +02:00 · 2025-07-04 16:16:45 +02:00
parent ee0561db72
commit 06b864ad52
17 changed files with 206 additions and 84 deletions
--- a/roles/docker-nextcloud/templates/config/oidc.config.php.j2
+++ b/roles/docker-nextcloud/templates/config/oidc.config.php.j2
@@ -97,10 +97,10 @@ return array (
    // note: on Keycloak, OIDC name claim = "${given_name} ${family_name}" or one of them if any is missing
    //
    'oidc_login_attributes' => array (
-        'id' => '{{ldap.attributes.user_id}}',
+        'id' => '{{ldap.user.attributes.id}}',
        'name' => 'name',
        'mail' => 'email',
-        'quota' => 'nextcloudQuota',
+        'quota' => '{{ ldap.user.attributes.nextcloud_quota }}',
        # 'home' => 'homeDirectory',    # Not implemented yet
        'ldap_uid' => '{{oidc.attributes.username}}',
        # 'groups' => 'ownCloudGroups', # Not implemented yet