Andre Moreira Magalhaes · e8ea0da1
--- a/claims/claims.go

+ 11

− 2
+++ b/claims/claims.go

+ 11

− 2
 @@ -8,6 +8,7 @@ package claims
 import (
 	"fmt"
 	"path"
+	"strings"

 	"github.com/coreos/go-oidc/v3/oidc"
 )
 @@ -33,13 +34,16 @@ func FilterGroups(groups []string, allowed []string, denied []string) []string {
 	var new_groups []string
 group_loop:
 	for _, group := range groups {
+		group_lc := strings.ToLower(group)
 		for _, pattern := range denied {
-			if match, _ := path.Match(pattern, group); match {
+			pattern_lc := strings.ToLower(pattern)
+			if match, _ := path.Match(pattern_lc, group_lc); match {
 				continue group_loop
 			}
 		}
 		for _, pattern := range allowed {
-			if match, _ := path.Match(pattern, group); match {
+			pattern_lc := strings.ToLower(pattern)
+			if match, _ := path.Match(pattern_lc, group_lc); match {
 				new_groups = append(new_groups, group)
 			}
 		}
 @@ -53,6 +57,9 @@ func MapGroups(groups []string, group_map map[string]string) []string {
 	var new_groups []string
 	for _, group := range groups {
 		mapped, ok := group_map[group]
+		if !ok {
+			mapped, ok = group_map[strings.ToLower(group)]
+		}
 		if ok {
 			new_groups = append(new_groups, mapped)
 		} else {
 @@ -65,7 +72,9 @@ func MapGroups(groups []string, group_map map[string]string) []string {
 func VerifyGroups(groups []string, required []string) bool {
 req_loop:
 	for _, req_group := range required {
+		req_group = strings.ToLower(req_group)
 		for _, group := range groups {
+			group = strings.ToLower(group)
 			if match, _ := path.Match(req_group, group); match {
 				continue req_loop
 			}