You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm not sure whether it's the correct place to ask this but should we handle this in the dex/server/oauth2.go instead? Any thoughts @nabokihms? Should we move this issue to there?
Hello there. There are a couple of obstacles that make implementing this feature a little bit harder in Dex:
Dex should know the real IP addresses of clients, so we have to add options like real_ip_header and trusted_networks etc. I remember some opened issues with the intention of adding clients addresses to dex logs, but still no progress. As for now, Dex is not aware of clients ips.
The fields from the top post are called claims and represent user attributes (attributes of the token holder) and some meta-information. Per oidc spec, there is a limited set of standard claims, which does not include the IP address. We have a pinned issue about the middleware layer, which should provide the ability to add custom claims to the token.
After solving these two puzzles, we will be able to move forward with your idea.
Currently, we are only exposing the following fields in the logs:
It would be great to pass user's IP address during the authentication process. What do you think?
The text was updated successfully, but these errors were encountered: