From 344527be3fb1c11edfafc55ba7b789b478da656d Mon Sep 17 00:00:00 2001
From: Sunghoon Kang <hoon@akuity.io>
Date: Wed, 26 Apr 2023 15:11:51 +0900
Subject: [PATCH] fix: remove redundant scope check from Google connector

Since `groups` are not considered a valid scope by Google, we cannot
pass to the `scope`. Although @damieva introduced `claimMapping` in
https://github.com/dexidp/dex/issues/2653 to address this issue, it does
not seem to work with the current implementation of the Google
connector.

This commit resolves the issue by removing the unnecessary `group` scope
check, as `adminSrv` is only initialized when the user wants to retrieve
groups.

Signed-off-by: Sunghoon Kang <hoon@akuity.io>
---
 connector/google/google.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/connector/google/google.go b/connector/google/google.go
index f80c3586..a3277c8d 100644
--- a/connector/google/google.go
+++ b/connector/google/google.go
@@ -226,7 +226,7 @@ func (c *googleConnector) createIdentity(ctx context.Context, identity connector
 	}
 
 	var groups []string
-	if s.Groups && c.adminSrv != nil {
+	if c.adminSrv != nil {
 		checkedGroups := make(map[string]struct{})
 		groups, err = c.getGroups(claims.Email, c.fetchTransitiveGroupMembership, checkedGroups)
 		if err != nil {