BUG: OIDC Azure provider - when le groups returned in the claim is not a list

[KabRevel]

When the token returned by oidc provider is like :

{
......
"custom:groupList": [
<my_custom_group>
],
"custom:group": <my_custom_group>
"exp":
...
}

The mapping of oidc groups and akhq groups is not working if the groups-fields is not a List.

For the example given above :

This configuration will WORK

oidc:
  enabled: true
  providers:
    cognito:
      label: "Login with oidc"
	  groups-field: custom:groupList   
      groups:
        - name: <my_custom_group>
          groups:
            - admin

But this Does not WORK

oidc:
  enabled: true
  providers:
    cognito:
      label: "Login with oidc"
	  groups-field: custom:group   
      groups:
        - name: <my_custom_group>
          groups:
            - admin

After investigation , le pb comes from this function

protected List<String> getOidcGroups(Oidc.Provider provider, OpenIdClaims openIdClaims) {
        List<String> groups = new ArrayList<>();
        if (openIdClaims.contains(provider.getGroupsField())) {
            Object groupsField = openIdClaims.get(provider.getGroupsField());
            if (groupsField instanceof Collection) {
                groups = ((Collection<Object>) groupsField)
                        .stream()
                        .map(Objects::toString)
                        .collect(Collectors.toList());
            }
        }
        return groups;
    }

why are we verifying "groupsField instanceof Collection" ?? It should be a List or a Single element.

[tchiotludo]

is this is not the same than this PR: #1263 ?

[KabRevel]

Hi @tchiotludo , yes its the same case. It is possible to release this fix ?

[tchiotludo]

done in #1263