Assure our open-id system can return emails.
Update our data from Open ID Systems when users log in
This commit is contained in:
parent
552229110c
commit
b94e0f7266
|
@ -111,6 +111,7 @@ def token() -> dict:
|
|||
"iat": time.time(),
|
||||
"exp": time.time() + 86400, # Expire after a day.
|
||||
"sub": user_name,
|
||||
"email": user_details['email'],
|
||||
"preferred_username": user_details.get("preferred_username", user_name),
|
||||
},
|
||||
client_secret,
|
||||
|
|
|
@ -460,25 +460,31 @@ class AuthorizationService:
|
|||
.filter(UserModel.service_id == user_info["sub"])
|
||||
.first()
|
||||
)
|
||||
username = email = ""
|
||||
if "name" in user_info:
|
||||
username = user_info["name"]
|
||||
if "username" in user_info:
|
||||
username = user_info["username"]
|
||||
elif "preferred_username" in user_info:
|
||||
username = user_info["preferred_username"]
|
||||
if "email" in user_info:
|
||||
email = user_info["email"]
|
||||
|
||||
if user_model is None:
|
||||
current_app.logger.debug("create_user in login_return")
|
||||
is_new_user = True
|
||||
username = email = ""
|
||||
if "name" in user_info:
|
||||
username = user_info["name"]
|
||||
if "username" in user_info:
|
||||
username = user_info["username"]
|
||||
elif "preferred_username" in user_info:
|
||||
username = user_info["preferred_username"]
|
||||
if "email" in user_info:
|
||||
email = user_info["email"]
|
||||
user_model = UserService().create_user(
|
||||
service=user_info["iss"],
|
||||
service_id=user_info["sub"],
|
||||
username=username,
|
||||
email=email,
|
||||
)
|
||||
else :
|
||||
# Update with the latest information
|
||||
user_model.username = username
|
||||
user_model.email = email
|
||||
user_model.service = user_info["iss"]
|
||||
user_model.service_id = user_info["sub"]
|
||||
|
||||
# this may eventually get too slow.
|
||||
# when it does, be careful about backgrounding, because
|
||||
|
|
|
@ -70,3 +70,8 @@ class TestFlaskOpenId(BaseTest):
|
|||
assert 'access_token' in response.json
|
||||
assert 'id_token' in response.json
|
||||
assert 'refresh_token' in response.json
|
||||
|
||||
decoded_token = jwt.decode(response.json['id_token'], options={"verify_signature": False})
|
||||
assert 'iss' in decoded_token
|
||||
assert 'email' in decoded_token
|
||||
|
||||
|
|
Loading…
Reference in New Issue