add idp claims

web/src/main/resources/config/application.yml

@@ -9,4 +9,5 @@ spring:
       optional:classpath:config/funder.yml[.yml], optional:classpath:config/funder-${spring.profiles.active}.yml[.yml], optional:file:../config/funder-${spring.profiles.active}.yml[.yml],
       optional:classpath:config/identifiers.yml[.yml], optional:classpath:config/identifiers-${spring.profiles.active}.yml[.yml], optional:file:../config/identifiers-${spring.profiles.active}.yml[.yml],
       optional:classpath:config/security.yml[.yml], optional:classpath:config/security-${spring.profiles.active}.yml[.yml], optional:file:../config/security-${spring.profiles.active}.yml[.yml],
-      optional:classpath:config/cache.yml[.yml], optional:classpath:config/cache-${spring.profiles.active}.yml[.yml], optional:file:../config/cache-${spring.profiles.active}.yml[.yml]
+      optional:classpath:config/cache.yml[.yml], optional:classpath:config/cache-${spring.profiles.active}.yml[.yml], optional:file:../config/cache-${spring.profiles.active}.yml[.yml],
+      optional:classpath:config/idpclaims.yml[.yml], optional:classpath:config/idpclaims-${spring.profiles.active}.yml[.yml], optional:file:../config/idpclaims-${spring.profiles.active}.yml[.yml]

web/src/main/resources/config/idpclaims.yml

@@ -0,0 +1,41 @@
+idpclient:
+  claims:
+    mapping:
+      Subject:
+        - type: sub
+      Name:
+        - type: name
+      Client:
+        - type: client_id
+      AuthenticationMethod:
+        - type: amr
+      NotBefore:
+        - type: nbf
+      AuthenticatedAt:
+        - type: auth_time
+      ExpiresAt:
+        - type: exp
+      Email:
+        - type: email
+      Roles:
+        - type: resource_access
+          path: dmp_zenodo_bridge.roles
+      Scope:
+        - type: scope
+      AccessToken:
+        - type: x-access-token
+          visibility: SENSITIVE
+      IssuedAt:
+        - type: iat
+      Issuer:
+        - type: iss
+      Audience:
+        - type: aud
+      TokenType:
+        - type: typ
+      AuthorizedParty:
+        - type: azp
+      Authorities:
+        - type: authorities
+      ExternalProviderName:
+        - type: identity_provider