Skip to content
This repository has been archived by the owner on Sep 7, 2024. It is now read-only.

Allow access if group_id is an empty string #7

Open
oxr463 opened this issue Oct 8, 2021 · 0 comments
Open

Allow access if group_id is an empty string #7

oxr463 opened this issue Oct 8, 2021 · 0 comments
Labels
enhancement New feature or request
Milestone
v1.0.0

Comments

@oxr463
Copy link
Contributor

oxr463 commented Oct 8, 2021

This change makes it so that the group membership check is skipped if group_id is empty.

The reasoning is that if our azure app is not authorised to read group membership with /checkMemberGroups, then this is a way to make pam_aad not worry about it, rather than error. (And group based access can be enforced with other PAM modules, if required.)

Source: CyberNinjas/pam_aad#61
@oxr463 oxr463 added the enhancement New feature or request label Oct 8, 2021
@oxr463 oxr463 added this to the v1.0.0 milestone Oct 8, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
v1.0.0
Development

No branches or pull requests
1 participant
@oxr463