starred/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2026-05-04 18:08:46 +03:00
Code Issues 784 Packages Projects Releases 15 Wiki Activity

Add optional OIDC avatar fetching from the “picture” claim

Browse Source
This commit is contained in:
Talstra Ruben SRSNL
2025-01-20 17:21:46 +01:00
parent 786a434c03
commit da82e70ca3
4 changed files with 46 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/Config/oidc.php
View File

@@ -54,4 +54,7 @@ return [
'groups_claim' => env('OIDC_GROUPS_CLAIM', 'groups'),
// When syncing groups, remove any groups that no longer match. Otherwise, sync only adds new groups.
'remove_from_groups' => env('OIDC_REMOVE_FROM_GROUPS', false),
// When enabled, BookStack will fetch the users avatar from the 'picture' claim (SSRF risk if URLs are untrusted).
'fetch_avatars' => env('OIDC_FETCH_AVATARS', false),
];