From 060a4e41f63d0b8ad4fc0a878b9508dce2fe9bef Mon Sep 17 00:00:00 2001
From: sgiannopoulos
Date: Mon, 22 Jan 2024 14:31:00 +0200
Subject: [PATCH] add idp claims
---
 web/src/main/resources/config/application.yml | 3 +-
 web/src/main/resources/config/idpclaims.yml | 41 +++++++++++++++++++
 2 files changed, 43 insertions(+), 1 deletion(-)
 create mode 100644 web/src/main/resources/config/idpclaims.yml
diff --git a/web/src/main/resources/config/application.yml b/web/src/main/resources/config/application.yml
index fc80413..7d5aace 100644
--- a/web/src/main/resources/config/application.yml
+++ b/web/src/main/resources/config/application.yml
@@ -9,4 +9,5 @@ spring:
 optional:classpath:config/funder.yml[.yml], optional:classpath:config/funder-${spring.profiles.active}.yml[.yml], optional:file:../config/funder-${spring.profiles.active}.yml[.yml],
 optional:classpath:config/identifiers.yml[.yml], optional:classpath:config/identifiers-${spring.profiles.active}.yml[.yml], optional:file:../config/identifiers-${spring.profiles.active}.yml[.yml],
 optional:classpath:config/security.yml[.yml], optional:classpath:config/security-${spring.profiles.active}.yml[.yml], optional:file:../config/security-${spring.profiles.active}.yml[.yml],
- optional:classpath:config/cache.yml[.yml], optional:classpath:config/cache-${spring.profiles.active}.yml[.yml], optional:file:../config/cache-${spring.profiles.active}.yml[.yml]
+ optional:classpath:config/cache.yml[.yml], optional:classpath:config/cache-${spring.profiles.active}.yml[.yml], optional:file:../config/cache-${spring.profiles.active}.yml[.yml],
+ optional:classpath:config/idpclaims.yml[.yml], optional:classpath:config/idpclaims-${spring.profiles.active}.yml[.yml], optional:file:../config/idpclaims-${spring.profiles.active}.yml[.yml]
diff --git a/web/src/main/resources/config/idpclaims.yml b/web/src/main/resources/config/idpclaims.yml
new file mode 100644
index 0000000..53bc069
--- /dev/null
+++ b/web/src/main/resources/config/idpclaims.yml
@@ -0,0 +1,41 @@
+idpclient:
+ claims:
+ mapping:
+ Subject:
+ - type: sub
+ Name:
+ - type: name
+ Client:
+ - type: client_id
+ AuthenticationMethod:
+ - type: amr
+ NotBefore:
+ - type: nbf
+ AuthenticatedAt:
+ - type: auth_time
+ ExpiresAt:
+ - type: exp
+ Email:
+ - type: email
+ Roles:
+ - type: resource_access
+ path: dmp_zenodo_bridge.roles
+ Scope:
+ - type: scope
+ AccessToken:
+ - type: x-access-token
+ visibility: SENSITIVE
+ IssuedAt:
+ - type: iat
+ Issuer:
+ - type: iss
+ Audience:
+ - type: aud
+ TokenType:
+ - type: typ
+ AuthorizedParty:
+ - type: azp
+ Authorities:
+ - type: authorities
+ ExternalProviderName:
+ - type: identity_provider
\ No newline at end of file
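Review bot: The `Roles` mapping hard-codes the IdP client id in `path: dmp_zenodo_bridge.roles`, so a deployment whose client is named differently would presumably resolve no roles unless a profile file overrides it, and nothing in the file says so. I would add a comment above `Roles:` such as `# client roles from the token's resource_access claim; the first path segment must match the IdP client id`. The first hunk also imports `optional:file:../config/idpclaims-${spring.profiles.active}.yml`, so anyone who can write that directory can change which token claim feeds `Roles` and `Authorities`; that file deserves the same write restrictions as the security config it sits next to. Whether `iss` and `aud` are validated before these mappings are consumed is not visible in this patch and should be confirmed in the code that reads them. The new file also ends without a trailing newline.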