From 59d17eaa46013d270d8aa258b4f51dba455ffa01 Mon Sep 17 00:00:00 2001
From: Arie Peterson <arie@greenhost.nl>
Date: Thu, 14 Sep 2023 12:04:26 +0200
Subject: [PATCH] Add OIDC attributes for Nextcloud/oidc_login

---
 backend/helpers/kratos_user.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/backend/helpers/kratos_user.py b/backend/helpers/kratos_user.py
index e1540368..d5f50d11 100644
--- a/backend/helpers/kratos_user.py
+++ b/backend/helpers/kratos_user.py
@@ -387,6 +387,16 @@ class KratosUser():
             "preferred_username": username,
             "email": self.email,
             "stackspin_roles": roles,
+            # We use this in Nextcloud because the `oidc_login` app wants a
+            # boolean flag saying whether the user should have admin
+            # privileges.
+            "is_admin": "admin" in roles,
+            # This is also for Nextcloud specifically: we used to use the
+            # `social_login` app for OIDC, which prefixed all user IDs with
+            # `stackspin-`. We need to stay compatible with that naming scheme
+            # until we figure out if and how we want to migrate those prefixes
+            # away.
+            "stackspin_prefixed_uuid": "stackspin-" + self.uuid,
         }
 
         if app == "wekan":
-- 
GitLab