From 0245d88d493f7b10c59b47b94d3d5bea936e1839 Mon Sep 17 00:00:00 2001
From: juarez <d.juarez@dkfz-heidelberg.de>
Date: Thu, 14 Dec 2023 18:34:30 +0100
Subject: [PATCH] Added: allowed-groups

---
 ccp/modules/datashield-compose.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ccp/modules/datashield-compose.yml b/ccp/modules/datashield-compose.yml
index 780d049..3b2da3e 100644
--- a/ccp/modules/datashield-compose.yml
+++ b/ccp/modules/datashield-compose.yml
@@ -110,6 +110,9 @@ services:
       APP_datashield-connect_KEY: ${DATASHIELD_CONNECT_SECRET}
       APP_token-manager_KEY: ${TOKEN_MANAGER_SECRET}
 
+  # TODO: Allow users of group /DataSHIELD and KEYCLOAK_USER_GROUP at the same time:
+  # Maybe a solution would be (https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/overview/):
+  # --allowed-groups=/DataSHIELD,KEYCLOAK_USER_GROUP
   oauth2_proxy:
     image: quay.io/oauth2-proxy/oauth2-proxy
     container_name: bridgehead_oauth2_proxy