chore: add warning log if misconfigured groups oidc (#7874)

* chore: add warning log if misconfigured groups oidc This is not perfect, but if we find a 'groups' claim and it is not configured, put out a warning log to give some information
2025-07-21 01:28:49 +00:00 · 2023-06-08 08:51:59 -05:00
parent 479467473e
commit b2324325fa
6 changed files with 22 additions and 7 deletions
--- a/cli/testdata/coder_server_--help.golden
+++ b/cli/testdata/coder_server_--help.golden
@ -296,8 +296,8 @@ can safely ignore these settings.
          OIDC claim field to use as the email.

      --oidc-group-field string, $CODER_OIDC_GROUP_FIELD
-          Change the OIDC default 'groups' claim field. By default, will be
-          'groups' if present in the oidc scopes argument.
+          This field must be set if using the group sync feature and the scope
+          name is not 'groups'. Set to the claim to be used for groups.

      --oidc-group-mapping struct[map[string]string], $CODER_OIDC_GROUP_MAPPING (default: {})
          A map of OIDC group IDs and the group in Coder it should map to. This
--- a/cli/testdata/server-config.yaml.golden
+++ b/cli/testdata/server-config.yaml.golden
@ -238,8 +238,8 @@ oidc:
  # Ignore the userinfo endpoint and only use the ID token for user information.
  # (default: false, type: bool)
  ignoreUserInfo: false
-  # Change the OIDC default 'groups' claim field. By default, will be 'groups' if
-  # present in the oidc scopes argument.
+  # This field must be set if using the group sync feature and the scope name is not
+  # 'groups'. Set to the claim to be used for groups.
  # (default: <unset>, type: string)
  groupField: ""
  # A map of OIDC group IDs and the group in Coder it should map to. This is useful