[IMPROVE] OAuth Role Sync (#13761)

app/custom-oauth/server/custom_oauth_server.js

@@ -6,6 +6,7 @@ import { HTTP } from 'meteor/http';
 import { ServiceConfiguration } from 'meteor/service-configuration';
 import { Logger } from '../../logger';
 import { Users } from '../../models';
+import { mapRolesFromSSO, updateRolesFromSSO } from './oauth_helpers';
 import _ from 'underscore';
 import { isURL } from '../../utils/lib/isURL';
 import { registerAccessTokenService } from '../../lib/server/oauth/oauth';
@@ -72,6 +73,8 @@ export class CustomOAuth {
 		this.identityTokenSentVia = options.identityTokenSentVia;
 		this.usernameField = (options.usernameField || '').trim();
 		this.mergeUsers = options.mergeUsers;
+		this.mergeRoles = options.mergeRoles || false;
+		this.rolesClaim = options.rolesClaim || 'roles';
 		this.accessTokenParam = options.accessTokenParam;
 
 		if (this.identityTokenSentVia == null || this.identityTokenSentVia === 'default') {
@@ -319,6 +322,10 @@ export class CustomOAuth {
 					return;
 				}
 
+				if (this.mergeRoles) {
+					updateRolesFromSSO(user, serviceData, this.rolesClaim);
+				}
+
 				// User already created or merged and has identical name as before
 				if (user.services && user.services[serviceName] && user.services[serviceName].id === serviceData.id && user.name === serviceData.name) {
 					return;
@@ -349,6 +356,10 @@ export class CustomOAuth {
 				user.username = this.getUsername(user.services[this.name]);
 			}
 
+			if (this.mergeRoles) {
+				user.roles = mapRolesFromSSO(user.services[this.name], this.rolesClaim);
+			}
+
 			return true;
 		});
 
@@ -360,7 +371,9 @@ export class CustomOAuth {
 			'id',
 			'email',
 			'username',
-			'name'];
+			'name',
+			this.rolesClaim,
+		];
 
 		registerAccessTokenService(name, function(options) {
 			check(options, Match.ObjectIncluding({

app/custom-oauth/server/oauth_helpers.js

@@ -0,0 +1,42 @@
+import { addUserRoles, removeUserFromRoles } from '../../authorization';
+import { Roles } from '../../models';
+
+
+// Returns list of roles from SSO identity
+export function mapRolesFromSSO(identity, roleClaimName) {
+	let roles = [];
+
+	if (identity && roleClaimName) {
+		// Adding roles
+		if (identity[roleClaimName] && Array.isArray(identity[roleClaimName])) {
+			roles = identity[roleClaimName].filter((val) => val !== 'offline_access' && val !== 'uma_authorization' && Roles.findOneByIdOrName(val));
+		}
+	}
+
+	return roles;
+}
+
+// Updates the user with roles from SSO identity
+export function updateRolesFromSSO(user, identity, roleClaimName) {
+	if (user && identity && roleClaimName) {
+		const rolesFromSSO = mapRolesFromSSO(identity, roleClaimName);
+
+		if (!Array.isArray(user.roles)) {
+			user.roles = [];
+		}
+
+		const toRemove = user.roles.filter((val) => !rolesFromSSO.includes(val));
+
+		// loop through roles that user has that sso doesnt have and remove
+		toRemove.forEach(function(role) {
+			removeUserFromRoles(user._id, role);
+		});
+
+		const toAdd = rolesFromSSO.filter((val) => !user.roles.includes(val));
+
+		// loop through roles sso has that user doesnt and add
+		toAdd.forEach(function(role) {
+			addUserRoles(user._id, role);
+		});
+	}
+}

app/lib/server/methods/addOAuthService.js

@@ -37,5 +37,7 @@ Meteor.methods({
 		settings.add(`Accounts_OAuth_Custom-${ name }-button_label_color`     , '#FFFFFF'         , { type: 'string' , group: 'OAuth', section: `Custom OAuth: ${ name }`, i18nLabel: 'Accounts_OAuth_Custom_Button_Label_Color', persistent: true });
 		settings.add(`Accounts_OAuth_Custom-${ name }-button_color`           , '#1d74f5'         , { type: 'string' , group: 'OAuth', section: `Custom OAuth: ${ name }`, i18nLabel: 'Accounts_OAuth_Custom_Button_Color', persistent: true });
 		settings.add(`Accounts_OAuth_Custom-${ name }-username_field`         , ''                , { type: 'string' , group: 'OAuth', section: `Custom OAuth: ${ name }`, i18nLabel: 'Accounts_OAuth_Custom_Username_Field', persistent: true });
+		settings.add(`Accounts_OAuth_Custom-${ name }-roles_claim`            , 'roles'           , { type: 'string' , group: 'OAuth', section: `Custom OAuth: ${ name }`, i18nLabel: 'Accounts_OAuth_Custom_Roles_Claim', persistent: true });
+		settings.add(`Accounts_OAuth_Custom-${ name }-merge_roles`	      , false             , { type: 'boolean', group: 'OAuth', section: `Custom OAuth: ${ name }`, i18nLabel: 'Accounts_OAuth_Custom_Merge_Roles', persistent: true });
 		settings.add(`Accounts_OAuth_Custom-${ name }-merge_users`            , false             , { type: 'boolean', group: 'OAuth', section: `Custom OAuth: ${ name }`, i18nLabel: 'Accounts_OAuth_Custom_Merge_Users', persistent: true });
 	} });

app/lib/server/methods/removeOAuthService.js

@@ -35,6 +35,8 @@ Meteor.methods({
 		settings.removeById(`Accounts_OAuth_Custom-${ name }-button_color`);
 		settings.removeById(`Accounts_OAuth_Custom-${ name }-login_style`);
 		settings.removeById(`Accounts_OAuth_Custom-${ name }-username_field`);
+		settings.removeById(`Accounts_OAuth_Custom-${ name }-roles_claim`);
+		settings.removeById(`Accounts_OAuth_Custom-${ name }-merge_roles`);
 		settings.removeById(`Accounts_OAuth_Custom-${ name }-merge_users`);
 	},
 });

app/lib/server/startup/oAuthServicesUpdate.js

@@ -46,7 +46,9 @@ function _OAuthServicesUpdate() {
 				data.tokenSentVia = settings.get(`${ service.key }-token_sent_via`);
 				data.identityTokenSentVia = settings.get(`${ service.key }-identity_token_sent_via`);
 				data.usernameField = settings.get(`${ service.key }-username_field`);
+				data.rolesClaim = settings.get(`${ service.key }-roles_claim`);
 				data.mergeUsers = settings.get(`${ service.key }-merge_users`);
+				data.mergeRoles = settings.get(`${ service.key }-merge_roles`);
 				new CustomOAuth(serviceName.toLowerCase(), {
 					serverURL: data.serverURL,
 					tokenPath: data.tokenPath,
@@ -57,7 +59,9 @@ function _OAuthServicesUpdate() {
 					tokenSentVia: data.tokenSentVia,
 					identityTokenSentVia: data.identityTokenSentVia,
 					usernameField: data.usernameField,
+					rolesClaim: data.rolesClaim,
 					mergeUsers: data.mergeUsers,
+					mergeRoles: data.mergeRoles,
 					accessTokenParam: data.accessTokenParam,
 				});
 			}

packages/rocketchat-i18n/i18n/af.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Pad",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Sent Via",
   "Accounts_OAuth_Custom_Username_Field": "Gebruikersnaam veld",
+  "Accounts_OAuth_Custom_Roles_Claim": "Rol / Groepen veldnaam",
   "Accounts_OAuth_Drupal": "Drupal-aanmelding geaktiveer",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 kliënt ID",

packages/rocketchat-i18n/i18n/ar.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "مسار رمزي",
   "Accounts_OAuth_Custom_Token_Sent_Via": "رمزي المرسلة عن طريق",
   "Accounts_OAuth_Custom_Username_Field": "حقل اسم المستخدم",
+  "Accounts_OAuth_Custom_Roles_Claim": "اسم حقل الأدوار / المجموعات",
   "Accounts_OAuth_Drupal": "تم تفعيل تسجيل الدخول عبر دوربال",
   "Accounts_OAuth_Drupal_callback_url": "دروبال oAuth2 إعادة توجيه عنوان أوري",
   "Accounts_OAuth_Drupal_id": "رمز تعريف العميل الخاص بدوربال oAuth2",

packages/rocketchat-i18n/i18n/az.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token yolu",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Via göndərdi",
   "Accounts_OAuth_Custom_Username_Field": "İstifadəçi adı",
+  "Accounts_OAuth_Custom_Roles_Claim": "Rollər / Qruplar sahəsinin adı",
   "Accounts_OAuth_Drupal": "Drupal Giriş Aktiv Edildi",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Müştəri ID",

packages/rocketchat-i18n/i18n/be-BY.i18n.json

@@ -87,6 +87,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Path",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Sent Via",
   "Accounts_OAuth_Custom_Username_Field": "Поле імя карыстальніка",
+  "Accounts_OAuth_Custom_Roles_Claim": "Ролі / імя групы поле",
   "Accounts_OAuth_Drupal": "Ўключыць уваход праз Drupal",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",

packages/rocketchat-i18n/i18n/bg.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Пътека за означения",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Точен изпратен чрез",
   "Accounts_OAuth_Custom_Username_Field": "Потребителско поле",
+  "Accounts_OAuth_Custom_Roles_Claim": "Име на полето Роли / Групи",
   "Accounts_OAuth_Drupal": "Drupal Login Enabled",
   "Accounts_OAuth_Drupal_callback_url": "URI за пренасочване на Drupal oAuth2",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",

packages/rocketchat-i18n/i18n/bs.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Putanja Tokena",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token poslan putem",
   "Accounts_OAuth_Custom_Username_Field": "Polje korisničkog imena",
+  "Accounts_OAuth_Custom_Roles_Claim": "Ime polja Vloge / Skupine",
   "Accounts_OAuth_Drupal": "Drupal Prijava omogućen",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 preusmjeravanje URI",
   "Accounts_OAuth_Drupal_id": "Drupal ID klijenta oAuth2",

packages/rocketchat-i18n/i18n/ca.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Ruta del token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token enviat via",
   "Accounts_OAuth_Custom_Username_Field": "Camp de nom d'usuari",
+  "Accounts_OAuth_Custom_Roles_Claim": "Nom du champ Rôles/Groupes",
   "Accounts_OAuth_Drupal": "Activa inici de sessió de Drupal",
   "Accounts_OAuth_Drupal_callback_url": "Redirect URI de Drupal oAuth2",
   "Accounts_OAuth_Drupal_id": "Client ID de Drupal oAuth2",

packages/rocketchat-i18n/i18n/cs.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Cesta k tokenu",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token odesílány přes",
   "Accounts_OAuth_Custom_Username_Field": "Pole uživatelské jméno",
+  "Accounts_OAuth_Custom_Roles_Claim": "Název pole Role / Skupiny",
   "Accounts_OAuth_Drupal": "Povolit Drupal přihlášení",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 URI Přesměrování",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 ID klienta",

packages/rocketchat-i18n/i18n/cy.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Llwybr Tocynnau",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Tocynnau a Dderbyniwyd Drwy",
   "Accounts_OAuth_Custom_Username_Field": "Maes enw defnyddiwr",
+  "Accounts_OAuth_Custom_Roles_Claim": "Enw maes Rolau / Grwpiau",
   "Accounts_OAuth_Drupal": "Galluogi Mewngofnodi Drupal",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Ailgyfeirio URI",
   "Accounts_OAuth_Drupal_id": "ID Cleient Drupal oAuth2",

packages/rocketchat-i18n/i18n/da.i18n.json

@@ -92,6 +92,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Tokensti",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token sendt via",
   "Accounts_OAuth_Custom_Username_Field": "Brugernavnefelt",
+  "Accounts_OAuth_Custom_Roles_Claim": "Roller / Grupper feltnavn",
   "Accounts_OAuth_Drupal": "Drupal-login aktiveret",
   "Accounts_OAuth_Drupal_callback_url": "Omdirigerings-uri for Drupals oAuth2",
   "Accounts_OAuth_Drupal_id": "Klient-id for Drupals oAuth2",

packages/rocketchat-i18n/i18n/de-AT.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Pfad des Token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token gesendet über",
   "Accounts_OAuth_Custom_Username_Field": "Benutzername Feld",
+  "Accounts_OAuth_Custom_Roles_Claim": "Rollen/Gruppen Feld",
   "Accounts_OAuth_Drupal": "Drupal Login aktiviert",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Weiterleitungs-URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",

packages/rocketchat-i18n/i18n/de-IN.i18n.json

@@ -87,6 +87,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Pfad des Token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token gesendet über",
   "Accounts_OAuth_Custom_Username_Field": "Feld für Benutzernamen",
+  "Accounts_OAuth_Custom_Roles_Claim": "Rollen/Gruppen Feld",
   "Accounts_OAuth_Drupal_callback_url": "Drupal OAuth Redirect Url",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",
   "Accounts_OAuth_Drupal_secret": "Geheimer Drupal oAuth2 Client Schlüssel",

packages/rocketchat-i18n/i18n/de.i18n.json

@@ -92,6 +92,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Pfad des Token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token gesendet über",
   "Accounts_OAuth_Custom_Username_Field": "Feld für Benutzernamen",
+  "Accounts_OAuth_Custom_Roles_Claim": "Rollen/Gruppen Feld",
   "Accounts_OAuth_Drupal": "Anmeldung über Drupal",
   "Accounts_OAuth_Drupal_callback_url": "Drupal OAuth Redirect Url",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",

packages/rocketchat-i18n/i18n/el.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Διαδρομή Token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token που Αποστέλλεται Μέσω",
   "Accounts_OAuth_Custom_Username_Field": "Πεδίο ονόματος χρήστη",
+  "Accounts_OAuth_Custom_Roles_Claim": "Ονόματα πεδίων / ομάδων",
   "Accounts_OAuth_Drupal": "Η Σύνδεση Drupal είναι Ενεργοποιημένη",
   "Accounts_OAuth_Drupal_callback_url": "URI Ανακατεύθυνσης Drupal oAuth2",
   "Accounts_OAuth_Drupal_id": "Αναγνωριστικό Πελάτη Drupal oAuth2",

packages/rocketchat-i18n/i18n/en.i18n.json

@@ -93,6 +93,8 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Path",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Sent Via",
   "Accounts_OAuth_Custom_Username_Field": "Username field",
+  "Accounts_OAuth_Custom_Roles_Claim": "Roles/Groups field name",
+  "Accounts_OAuth_Custom_Merge_Roles": "Merge Roles from SSO",
   "Accounts_OAuth_Drupal": "Drupal Login Enabled",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",

packages/rocketchat-i18n/i18n/eo.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Path",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Sendita Vojo",
   "Accounts_OAuth_Custom_Username_Field": "Uzulnomo kampo",
+  "Accounts_OAuth_Custom_Roles_Claim": "Rola / Grupaj kampa nomo",
   "Accounts_OAuth_Drupal": "Drupalo Salutnomo Enabled",
   "Accounts_OAuth_Drupal_callback_url": "Drupalo oAuth2 Alidirektila URI",
   "Accounts_OAuth_Drupal_id": "Drupalo oAuth2 Kliento-ID",

packages/rocketchat-i18n/i18n/es.i18n.json

@@ -89,6 +89,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Ruta del Token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token enviado vía",
   "Accounts_OAuth_Custom_Username_Field": "Campo de Nombre de Usuario",
+  "Accounts_OAuth_Custom_Roles_Claim": "Nombre del campo roles / grupos",
   "Accounts_OAuth_Drupal": "Inicio de sesión Drupal habilitado",
   "Accounts_OAuth_Drupal_callback_url": "URI de rediccionamiento de Drupal oAuth2",
   "Accounts_OAuth_Drupal_id": "ID del cliente de Drupal oAuth2",

packages/rocketchat-i18n/i18n/fa.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Merge_Users": "ادغام کاربران",
   "Accounts_OAuth_Custom_Scope": "محدوده",
   "Accounts_OAuth_Custom_Secret": "رمز",
+  "Accounts_OAuth_Custom_Roles_Claim": "نام زمینه / نام گروه",
   "Accounts_OAuth_Custom_Token_Path": "مسیر توکن",
   "Accounts_OAuth_Custom_Token_Sent_Via": "توکن فرستاده شد با",
   "Accounts_OAuth_Custom_Username_Field": "فیلد نام کاربری",

packages/rocketchat-i18n/i18n/fi.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token polku",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token lähetetty käyttäen",
   "Accounts_OAuth_Custom_Username_Field": "Käyttäjätunnus",
+  "Accounts_OAuth_Custom_Roles_Claim": "Roolien / ryhmien kentän nimi",
   "Accounts_OAuth_Drupal": "Drupal-kirjautuminen käytössä",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Uudelleenohjata URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2-asiakastunnus",

packages/rocketchat-i18n/i18n/fr.i18n.json

@@ -87,6 +87,7 @@
   "Accounts_OAuth_Custom_Token_Path": "URL de jeton",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Jeton envoyé via",
   "Accounts_OAuth_Custom_Username_Field": "Champ nom d'utilisateur",
+  "Accounts_OAuth_Custom_Roles_Claim": "Nom du champ Rôles/Groupes",
   "Accounts_OAuth_Drupal": "Connexion Drupal activée",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirection URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 ID client",

packages/rocketchat-i18n/i18n/he.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Meteor_secret": "סיסמת Meteor",
   "Accounts_OAuth_Twitter": "התחברות באמצעות טוויטר",
   "Accounts_OAuth_Twitter_callback_url": "כתובת האתר Callback Twitter",
+  "Accounts_OAuth_Custom_Roles_Claim": "שם שדה / קבוצות",
   "Accounts_OAuth_Twitter_id": "זיהוי טוויטר",
   "Accounts_OAuth_Twitter_secret": "סיסמת Twitter",
   "Accounts_OAuth_Wordpress": "התחברות WordPress",

packages/rocketchat-i18n/i18n/hr.i18n.json

@@ -92,6 +92,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Putanja Tokena",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token poslan putem",
   "Accounts_OAuth_Custom_Username_Field": "Polje korisničkog imena",
+  "Accounts_OAuth_Custom_Roles_Claim": "Naziv polja uloge / grupe",
   "Accounts_OAuth_Drupal": "Drupal Prijava omogućen",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 preusmjeravanje URI",
   "Accounts_OAuth_Drupal_id": "Drupal ID klijenta oAuth2",

packages/rocketchat-i18n/i18n/hu.i18n.json

@@ -89,6 +89,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Path",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token keresztül küldött",
   "Accounts_OAuth_Custom_Username_Field": "felhasználónév mező",
+  "Accounts_OAuth_Custom_Roles_Claim": "Szerepek / csoportok mező neve",
   "Accounts_OAuth_Drupal": "Drupal bejelentkezés engedélyezve",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 átirányító URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Ügyfél azonosító",

packages/rocketchat-i18n/i18n/id.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Path",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Dikirim Via",
   "Accounts_OAuth_Custom_Username_Field": "Bidang Username",
+  "Accounts_OAuth_Custom_Roles_Claim": "Nama bidang Peran / Grup",
   "Accounts_OAuth_Drupal": "Login Drupal Diaktifkan",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "ID Klien Drupal oAuth2",

packages/rocketchat-i18n/i18n/it.i18n.json

@@ -92,6 +92,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Percorso del token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token inviato tramite",
   "Accounts_OAuth_Custom_Username_Field": "Campo nome utente",
+  "Accounts_OAuth_Custom_Roles_Claim": "Nome del campo Ruoli / Gruppi",
   "Accounts_OAuth_Drupal": "Drupal Login abilitato",
   "Accounts_OAuth_Drupal_callback_url": "URI di re-indirizzamento oAuth2 Drupal ",
   "Accounts_OAuth_Drupal_id": "ID cliente oAuth2 Drupal",

packages/rocketchat-i18n/i18n/ja.i18n.json

@@ -92,6 +92,7 @@
   "Accounts_OAuth_Custom_Token_Path": "トークンパス",
   "Accounts_OAuth_Custom_Token_Sent_Via": "トークン送信元",
   "Accounts_OAuth_Custom_Username_Field": "ユーザー名フィールド",
+  "Accounts_OAuth_Custom_Roles_Claim": "役割/グループフィールド名",
   "Accounts_OAuth_Drupal": "Drupalログインを有効にする",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2リダイレクトURI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2クライアントID",

packages/rocketchat-i18n/i18n/km.i18n.json

@@ -90,6 +90,7 @@
   "Accounts_OAuth_Custom_Token_Path": "ទីទាំង Token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "សញ្ញាសម្ងាត់បានផ្ញើតាមរយៈ",
   "Accounts_OAuth_Custom_Username_Field": "វាលឈ្មោះអ្នកប្រើ",
+  "Accounts_OAuth_Custom_Roles_Claim": "ឈ្មោះវាល / ក្រុម",
   "Accounts_OAuth_Drupal": "Drupal Login Enabled",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 ប្ដូរទិស URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 លេខសម្គាល់អតិថិជន",

packages/rocketchat-i18n/i18n/ko.i18n.json

@@ -90,6 +90,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token 경로",
   "Accounts_OAuth_Custom_Token_Sent_Via": "보내진 토큰",
   "Accounts_OAuth_Custom_Username_Field": "사용자 이름 필드",
+  "Accounts_OAuth_Custom_Roles_Claim": "역할 / 그룹 필드 이름",
   "Accounts_OAuth_Drupal": "듀팔 로그인 이 활성화 되었습니다.",
   "Accounts_OAuth_Drupal_callback_url": "듀팔 oAuth2 리다이렉트 URI",
   "Accounts_OAuth_Drupal_id": "듀팔 oAuth2 클라이언트 ID",

packages/rocketchat-i18n/i18n/ku.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Path token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Sent Via",
   "Accounts_OAuth_Custom_Username_Field": "Qada bikarhêner",
+  "Accounts_OAuth_Custom_Roles_Claim": "Roles/Groups field name",
   "Accounts_OAuth_Drupal": "Têketina Drupal Enabled",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 URI Beralîkirin",
   "Accounts_OAuth_Drupal_id": "Nasnameya oleuth2 Drupal",

packages/rocketchat-i18n/i18n/lo.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "ເສັ້ນທາງກ້າວສູ່ token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token ສົ່ງຜ່ານ",
   "Accounts_OAuth_Custom_Username_Field": "ຊື່ຜູ້ໃຊ້ພາກສະຫນາມ",
+  "Accounts_OAuth_Custom_Roles_Claim": "ຊື່ພາກສະຫນາມ / ກຸ່ມຊື່",
   "Accounts_OAuth_Drupal": "Drupal Login Enabled",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",

packages/rocketchat-i18n/i18n/lt.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Tokeno kelias",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Sent Via",
   "Accounts_OAuth_Custom_Username_Field": "Vartotojo laukas",
+  "Accounts_OAuth_Custom_Roles_Claim": "Vaidų / grupių lauko pavadinimas",
   "Accounts_OAuth_Drupal": "Drupal prisijungimas įjungtas",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 nukreipimo URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 kliento ID",

packages/rocketchat-i18n/i18n/lv.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Žetona ceļš",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Žetons nosūtīts caur",
   "Accounts_OAuth_Custom_Username_Field": "Lietotājvārda lauks",
+  "Accounts_OAuth_Custom_Roles_Claim": "Lomu / grupu lauka nosaukums",
   "Accounts_OAuth_Drupal": "Drupal pieteikšanās ir iespējota",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 klienta ID",

packages/rocketchat-i18n/i18n/mn.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Path",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Via илгээсэн",
   "Accounts_OAuth_Custom_Username_Field": "Хэрэглэгчийн нэр",
+  "Accounts_OAuth_Custom_Roles_Claim": "Үүрэг / Бүлгүүдийн талбарын нэр",
   "Accounts_OAuth_Drupal": "Drupal Login Enabled",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Шууд бус URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",

packages/rocketchat-i18n/i18n/ms-MY.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Path",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Dihantar Via",
   "Accounts_OAuth_Custom_Username_Field": "Medan pengguna",
+  "Accounts_OAuth_Custom_Roles_Claim": "Rolle / Groepe veldnaam",
   "Accounts_OAuth_Drupal": "Log masuk Drupal Diaktifkan",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "ID Pelanggan Drupal oAuth2",

packages/rocketchat-i18n/i18n/nl.i18n.json

@@ -90,6 +90,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token locatie",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Verstuurd Via",
   "Accounts_OAuth_Custom_Username_Field": "Gebruikersnaam veld",
+  "Accounts_OAuth_Custom_Roles_Claim": "Rol / Groepen veldnaam",
   "Accounts_OAuth_Drupal": "Drupal Login Ingeschakeld",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 URI omleiden",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client-ID",

packages/rocketchat-i18n/i18n/no.i18n.json

@@ -87,6 +87,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Tokenbane",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Sendt Via",
   "Accounts_OAuth_Custom_Username_Field": "Brukernavn felt",
+  "Accounts_OAuth_Custom_Roles_Claim": "Roller / Grupper feltnavn",
   "Accounts_OAuth_Drupal": "Drupal Logg inn aktivert",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",

packages/rocketchat-i18n/i18n/pl.i18n.json

@@ -92,6 +92,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Ścieżka tokenu",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token wysyłany przez",
   "Accounts_OAuth_Custom_Username_Field": "Pole nazwa użytkownika",
+  "Accounts_OAuth_Custom_Roles_Claim": "Nazwa pola Role / Grupy",
   "Accounts_OAuth_Drupal": "Logowanie Drupal jest włączone",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Przekierowanie URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Identyfikator klienta",

packages/rocketchat-i18n/i18n/pt-BR.i18n.json

@@ -92,6 +92,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Path do Token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Enviado Por",
   "Accounts_OAuth_Custom_Username_Field": "Campo Nome de usuário",
+  "Accounts_OAuth_Custom_Roles_Claim": "Nome do campo de funções / grupos",
   "Accounts_OAuth_Drupal": "Login do Drupal habilitado",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "Id. do cliente do Drupal oAuth2",

packages/rocketchat-i18n/i18n/pt.i18n.json

@@ -92,6 +92,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Caminho do Token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Enviado Por",
   "Accounts_OAuth_Custom_Username_Field": "Campo de Utilizador",
+  "Accounts_OAuth_Custom_Roles_Claim": "Nome do campo de funções / grupos",
   "Accounts_OAuth_Drupal": "Login do Drupal habilitado",
   "Accounts_OAuth_Drupal_callback_url": "URI de redireccionamento do Drupal oAuth2",
   "Accounts_OAuth_Drupal_id": "Id. Do cliente do Drupal oAuth2",

packages/rocketchat-i18n/i18n/ro.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Path",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Jeton Trimis Via",
   "Accounts_OAuth_Custom_Username_Field": "Numele câmpului",
+  "Accounts_OAuth_Custom_Roles_Claim": "Numele câmpului Roluri / Grupuri",
   "Accounts_OAuth_Drupal": "Conectare Drupal activată",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "Codul clientului Drupal oAuth2",

packages/rocketchat-i18n/i18n/ru.i18n.json

@@ -92,6 +92,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Path",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Sent Via",
   "Accounts_OAuth_Custom_Username_Field": "Поле \"логин\"",
+  "Accounts_OAuth_Custom_Roles_Claim": "Имя поля Роли / Группы",
   "Accounts_OAuth_Drupal": "Включить вход через Drupal",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",

packages/rocketchat-i18n/i18n/sk-SK.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Cesta k Známke",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Známka odoslaná cez",
   "Accounts_OAuth_Custom_Username_Field": "Pole používateľského mena",
+  "Accounts_OAuth_Custom_Roles_Claim": "Názov poľa Roly / Skupiny",
   "Accounts_OAuth_Drupal": "Prihlásenie k službe Drupal je povolené",
   "Accounts_OAuth_Drupal_callback_url": "Adresa URI presmerovania k službe Drupal oAuth2",
   "Accounts_OAuth_Drupal_id": "ID klienta služby Drupal oAuth2",

packages/rocketchat-i18n/i18n/sl-SI.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Pot do žetonov",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Žeton poslan preko",
   "Accounts_OAuth_Custom_Username_Field": "Polje z uporabniškim imenom",
+  "Accounts_OAuth_Custom_Roles_Claim": "Naziv polja uloga / grupa",
   "Accounts_OAuth_Drupal": "Prijava v Drupal omogočena",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Preusmeritveni URI",
   "Accounts_OAuth_Drupal_id": "ID stranke Drupal oAuth2",

packages/rocketchat-i18n/i18n/sq.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Path Token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Sent Via",
   "Accounts_OAuth_Custom_Username_Field": "Fusha e emrit",
+  "Accounts_OAuth_Custom_Roles_Claim": "Emri i fushës së roleve / grupeve",
   "Accounts_OAuth_Drupal": "Hyrja në Drupal e aktivizuar",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 ID klienti",

packages/rocketchat-i18n/i18n/sr.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "токен Пут",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Токен послата преко",
   "Accounts_OAuth_Custom_Username_Field": "Поље корисничког имена",
+  "Accounts_OAuth_Custom_Roles_Claim": "Име поља улоге / групе",
   "Accounts_OAuth_Drupal": "Друпал Логин Енаблед",
   "Accounts_OAuth_Drupal_callback_url": "Друпал оАутх2 Редирецт УРИ",
   "Accounts_OAuth_Drupal_id": "Друпал оАутх2 Клијент ИД",

packages/rocketchat-i18n/i18n/sv.i18n.json

@@ -90,6 +90,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Sökväg Token",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token sänd via",
   "Accounts_OAuth_Custom_Username_Field": "Fält för användarnamn",
+  "Accounts_OAuth_Custom_Roles_Claim": "Roller / Grupper fältnamn",
   "Accounts_OAuth_Drupal": "Drupalinloggning aktiverad",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 redirect URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",

packages/rocketchat-i18n/i18n/ta-IN.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "டோக்கன் பாதை",
   "Accounts_OAuth_Custom_Token_Sent_Via": "டோக்கன் அனுப்பப்பட்டது வழியாக",
   "Accounts_OAuth_Custom_Username_Field": "பயனாளர் புலம்",
+  "Accounts_OAuth_Custom_Roles_Claim": "பங்களிப்புகள் / குழுக்கள் புலம் பெயர்",
   "Accounts_OAuth_Drupal": "Drupal Login இயக்கப்பட்டது",
   "Accounts_OAuth_Drupal_callback_url": "Drupal OAuth2 URI ஐ திருப்பி விடுகிறது",
   "Accounts_OAuth_Drupal_id": "Drupal OAuth2 கிளையண்ட் ஐடி",

packages/rocketchat-i18n/i18n/th-TH.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "เส้นทางโทเค็น",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token ส่งทาง",
   "Accounts_OAuth_Custom_Username_Field": "ฟิลด์ชื่อผู้ใช้",
+  "Accounts_OAuth_Custom_Roles_Claim": "ชื่อฟิลด์บทบาท / กลุ่ม",
   "Accounts_OAuth_Drupal": "เข้าสู่ระบบ Drupal Login แล้ว",
   "Accounts_OAuth_Drupal_callback_url": "เปลี่ยนเส้นทาง URI ของ Drupal oAuth2",
   "Accounts_OAuth_Drupal_id": "รหัสลูกค้า Drupal oAuth2",

packages/rocketchat-i18n/i18n/tr.i18n.json

@@ -92,6 +92,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Yolu",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token'ı Gönder",
   "Accounts_OAuth_Custom_Username_Field": "Kullanıcı adı alanı",
+  "Accounts_OAuth_Custom_Roles_Claim": "Roller / Gruplar alan adı",
   "Accounts_OAuth_Drupal": "Drupal ile giriş yapma aktifleştirildi",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Yönlendirme URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Müşteri Kimliği",

packages/rocketchat-i18n/i18n/uk.i18n.json

@@ -86,6 +86,7 @@
   "Accounts_OAuth_Custom_Token_Path": "токен Шлях",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Токен посланими через",
   "Accounts_OAuth_Custom_Username_Field": "Поле \"логін\"",
+  "Accounts_OAuth_Custom_Roles_Claim": "Үүрэг / Бүлгүүдийн талбарын нэр",
   "Accounts_OAuth_Drupal": "Дозволити вхід через Drupal",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redire URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 ідентифікатор клієнта",

packages/rocketchat-i18n/i18n/vi-VN.i18n.json

@@ -83,6 +83,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Đường dẫn lấy Token (Token Path)",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token được gửi qua",
   "Accounts_OAuth_Custom_Username_Field": "Trường username",
+  "Accounts_OAuth_Custom_Roles_Claim": "Tên trường vai trò / nhóm",
   "Accounts_OAuth_Drupal": "Cho phép đăng nhập qua Drupal",
   "Accounts_OAuth_Drupal_callback_url": "Dạng chuyển hướng URL của Drupal oAuth2",
   "Accounts_OAuth_Drupal_id": "ID máy khách Drupal oAuth2",

packages/rocketchat-i18n/i18n/zh-HK.i18n.json

@@ -87,6 +87,7 @@
   "Accounts_OAuth_Custom_Token_Path": "令牌路径",
   "Accounts_OAuth_Custom_Token_Sent_Via": "令牌通过",
   "Accounts_OAuth_Custom_Username_Field": "用户名字段",
+  "Accounts_OAuth_Custom_Roles_Claim": "角色/组字段名称",
   "Accounts_OAuth_Drupal": "启用Drupal登录",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2重定向URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2客户端ID",

packages/rocketchat-i18n/i18n/zh-TW.i18n.json

@@ -89,6 +89,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token 路徑",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token發送自",
   "Accounts_OAuth_Custom_Username_Field": "使用者名稱欄位",
+  "Accounts_OAuth_Custom_Roles_Claim": "角色/组字段名称",
   "Accounts_OAuth_Drupal": "啟用Drupal登錄",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2重定向URI",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2客戶端ID",

packages/rocketchat-i18n/i18n/zh.i18n.json

@@ -92,6 +92,7 @@
   "Accounts_OAuth_Custom_Token_Path": "Token 路径",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token 发送自",
   "Accounts_OAuth_Custom_Username_Field": "用户名字段",
+  "Accounts_OAuth_Custom_Roles_Claim": "角色/组字段名称",
   "Accounts_OAuth_Drupal": "启用 Drupal 登录",
   "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 重定向 URI 地址",
   "Accounts_OAuth_Drupal_id": "Drupal oAuth2 客户端 ID",