Assure our open-id system can return emails.

Update our data from Open ID Systems when users log in
This commit is contained in:
Dan 2022-12-13 08:14:44 -05:00
parent 4a8b07e98d
commit bcfbd9a6ea
3 changed files with 21 additions and 9 deletions

View File

@ -111,6 +111,7 @@ def token() -> dict:
"iat": time.time(),
"exp": time.time() + 86400, # Expire after a day.
"sub": user_name,
"email": user_details['email'],
"preferred_username": user_details.get("preferred_username", user_name),
},
client_secret,

View File

@ -460,10 +460,6 @@ class AuthorizationService:
.filter(UserModel.service_id == user_info["sub"])
.first()
)
if user_model is None:
current_app.logger.debug("create_user in login_return")
is_new_user = True
username = email = ""
if "name" in user_info:
username = user_info["name"]
@ -473,12 +469,22 @@ class AuthorizationService:
username = user_info["preferred_username"]
if "email" in user_info:
email = user_info["email"]
if user_model is None:
current_app.logger.debug("create_user in login_return")
is_new_user = True
user_model = UserService().create_user(
service=user_info["iss"],
service_id=user_info["sub"],
username=username,
email=email,
)
else :
# Update with the latest information
user_model.username = username
user_model.email = email
user_model.service = user_info["iss"]
user_model.service_id = user_info["sub"]
# this may eventually get too slow.
# when it does, be careful about backgrounding, because

View File

@ -70,3 +70,8 @@ class TestFlaskOpenId(BaseTest):
assert 'access_token' in response.json
assert 'id_token' in response.json
assert 'refresh_token' in response.json
decoded_token = jwt.decode(response.json['id_token'], options={"verify_signature": False})
assert 'iss' in decoded_token
assert 'email' in decoded_token