Merge branch 'master' into feature/password-from-secret

Author: vvasilevbosch

deployment/helm/ditto/templates/gateway-deployment.yaml

@@ -226,6 +226,8 @@ spec:
               value: "{{ .Values.gateway.config.sse.throttling.limit }}"
             - name: OAUTH_ALLOWED_CLOCK_SKEW
               value: "{{ .Values.gateway.config.authentication.oauth.allowedClockSkew }}"
+            - name: OAUTH_TOKEN_INTEGRATION_SUBJECT
+              value: "{{ .Values.gateway.config.authentication.oauth.tokenIntegrationSubject }}"
             {{- if .Values.gateway.extraEnv }}
               {{- toYaml .Values.gateway.extraEnv | nindent 12 }}
             {{- end }}

deployment/helm/ditto/values.yaml

@@ -1520,6 +1520,8 @@ gateway:
         #    authSubjects:
         #    - "{{ jwt:sub }}"
         #    - "{{ jwt:groups }}"
+        # configure the subject to inject in policy action activateTokenIntegration
+        tokenIntegrationSubject: "integration:{{policy-entry:label}}:{{jwt:aud}}"
       # devops contains the configuration of the gateway's "/devops" API, e.g. access to it
       devops:
         # secured this controls whether "/devops" and "/api/2/connections" resources are secured or not