From 11f809abd26e7d333428fc2df7f514b413b0c68c Mon Sep 17 00:00:00 2001
From: John Joyce <john@acryl.io>
Date: Tue, 15 Mar 2022 17:41:19 -0700
Subject: [PATCH] feat(oidc): Adding support for extracting single string
 groups claim (#4419)

---
 .../app/auth/sso/oidc/OidcCallbackLogic.java   | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/datahub-frontend/app/auth/sso/oidc/OidcCallbackLogic.java b/datahub-frontend/app/auth/sso/oidc/OidcCallbackLogic.java
index 23776ff8f3..9039aa05f3 100644
--- a/datahub-frontend/app/auth/sso/oidc/OidcCallbackLogic.java
+++ b/datahub-frontend/app/auth/sso/oidc/OidcCallbackLogic.java
@@ -245,8 +245,22 @@ public class OidcCallbackLogic extends DefaultCallbackLogic<Result, PlayWebConte
     if (profile.containsAttribute(groupsClaimName)) {
       try {
         final List<CorpGroupSnapshot> groupSnapshots = new ArrayList<>();
-        // We found some groups. Note that we assume it is an array of strings!
-        final Collection<String> groupNames = (Collection<String>) profile.getAttribute(groupsClaimName, Collection.class);
+        final Collection<String> groupNames;
+        final Object groupAttribute = profile.getAttribute(groupsClaimName);
+        if (groupAttribute instanceof Collection) {
+          // List of group names
+          groupNames = (Collection<String>) profile.getAttribute(groupsClaimName, Collection.class);
+        } else if (groupAttribute instanceof String) {
+          // Single group name
+          groupNames = Collections.singleton(profile.getAttribute(groupsClaimName, String.class));
+        } else {
+          log.error(String.format("Failed to parse OIDC group claim with name %s. Unknown type %s provided.",
+              groupsClaimName,
+              groupAttribute.getClass()));
+          // Return empty list. Do not throw.
+          return Collections.emptyList();
+        }
+
         for (String groupName : groupNames) {
           // Create a basic CorpGroupSnapshot from the information.
           try {