File tree Expand file tree Collapse file tree 1 file changed +7
-5
lines changed
keps/sig-auth/3331-structured-config-for-oidc-authentication Expand file tree Collapse file tree 1 file changed +7
-5
lines changed Original file line number Diff line number Diff line change @@ -454,7 +454,8 @@ type JWTAuthenticator struct {
454454 // - key: "admin"
455455 // valueExpression: '(has(claims.is_admin) && claims.is_admin) ? "true":""'
456456 //
457- // If multiple mappings have the same key, the result will be a concatenation of all values.
457+ // If multiple mappings have the same key, the result will be a concatenation of all values
458+ // with the order preserved.
458459 // If the value is empty, the extra mapping will not be present.
459460 //
460461 // possible future way to pull multiple extra values out via expression.
@@ -468,11 +469,12 @@ type JWTAuthenticator struct {
468469 }
469470
470471 type ExtraMapping struct {
471- // Key is a string to use as the extra attribute key.
472+ // key is a string to use as the extra attribute key.
472473 Key string ` json:" key" `
473- // ValueExpression is a CEL expression to extract extra attribute value.
474- // Expression must produce a string value.
475- // "" and null values are treated as the extra mapping not being present.
474+ // valueExpression is a CEL expression to extract extra attribute value.
475+ // valueExpression must produce a string or string array value.
476+ // "", [], and null values are treated as the extra mapping not being present.
477+ // Empty string values contained within a string array are filtered out.
476478 ValueExpression string ` json:" valueExpression" `
477479 }
478480
You can’t perform that action at this time.
0 commit comments