Assure our open-id system can return emails.
Update our data from Open ID Systems when users log in
This commit is contained in:
parent
552229110c
commit
b94e0f7266
|
@ -111,6 +111,7 @@ def token() -> dict:
|
||||||
"iat": time.time(),
|
"iat": time.time(),
|
||||||
"exp": time.time() + 86400, # Expire after a day.
|
"exp": time.time() + 86400, # Expire after a day.
|
||||||
"sub": user_name,
|
"sub": user_name,
|
||||||
|
"email": user_details['email'],
|
||||||
"preferred_username": user_details.get("preferred_username", user_name),
|
"preferred_username": user_details.get("preferred_username", user_name),
|
||||||
},
|
},
|
||||||
client_secret,
|
client_secret,
|
||||||
|
|
|
@ -460,10 +460,6 @@ class AuthorizationService:
|
||||||
.filter(UserModel.service_id == user_info["sub"])
|
.filter(UserModel.service_id == user_info["sub"])
|
||||||
.first()
|
.first()
|
||||||
)
|
)
|
||||||
|
|
||||||
if user_model is None:
|
|
||||||
current_app.logger.debug("create_user in login_return")
|
|
||||||
is_new_user = True
|
|
||||||
username = email = ""
|
username = email = ""
|
||||||
if "name" in user_info:
|
if "name" in user_info:
|
||||||
username = user_info["name"]
|
username = user_info["name"]
|
||||||
|
@ -473,12 +469,22 @@ class AuthorizationService:
|
||||||
username = user_info["preferred_username"]
|
username = user_info["preferred_username"]
|
||||||
if "email" in user_info:
|
if "email" in user_info:
|
||||||
email = user_info["email"]
|
email = user_info["email"]
|
||||||
|
|
||||||
|
if user_model is None:
|
||||||
|
current_app.logger.debug("create_user in login_return")
|
||||||
|
is_new_user = True
|
||||||
user_model = UserService().create_user(
|
user_model = UserService().create_user(
|
||||||
service=user_info["iss"],
|
service=user_info["iss"],
|
||||||
service_id=user_info["sub"],
|
service_id=user_info["sub"],
|
||||||
username=username,
|
username=username,
|
||||||
email=email,
|
email=email,
|
||||||
)
|
)
|
||||||
|
else :
|
||||||
|
# Update with the latest information
|
||||||
|
user_model.username = username
|
||||||
|
user_model.email = email
|
||||||
|
user_model.service = user_info["iss"]
|
||||||
|
user_model.service_id = user_info["sub"]
|
||||||
|
|
||||||
# this may eventually get too slow.
|
# this may eventually get too slow.
|
||||||
# when it does, be careful about backgrounding, because
|
# when it does, be careful about backgrounding, because
|
||||||
|
|
|
@ -70,3 +70,8 @@ class TestFlaskOpenId(BaseTest):
|
||||||
assert 'access_token' in response.json
|
assert 'access_token' in response.json
|
||||||
assert 'id_token' in response.json
|
assert 'id_token' in response.json
|
||||||
assert 'refresh_token' in response.json
|
assert 'refresh_token' in response.json
|
||||||
|
|
||||||
|
decoded_token = jwt.decode(response.json['id_token'], options={"verify_signature": False})
|
||||||
|
assert 'iss' in decoded_token
|
||||||
|
assert 'email' in decoded_token
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue