Try to get more information about the user when authenticating with openid
parent
2351194547
commit
3973ce985d
2 changed files with 36 additions and 4 deletions
|
@ -59,6 +59,7 @@ type claims struct {
|
||||||
Email string `json:"email"`
|
Email string `json:"email"`
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
PreferredUsername string `json:"preferred_username"`
|
PreferredUsername string `json:"preferred_username"`
|
||||||
|
Nickname string `json:"nickname"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
|
@ -138,9 +139,40 @@ func HandleCallback(c echo.Context) error {
|
||||||
return handler.HandleHTTPError(err, c)
|
return handler.HandleHTTPError(err, c)
|
||||||
}
|
}
|
||||||
|
|
||||||
if cl.Email == "" {
|
if cl.Email == "" || cl.Name == "" || cl.PreferredUsername == "" {
|
||||||
log.Errorf("Claim does not contain an email address for provider %s", provider.Name)
|
info, err := provider.OpenIDProvider.UserInfo(context.Background(), provider.Oauth2Config.TokenSource(context.Background(), oauth2Token))
|
||||||
return handler.HandleHTTPError(&user.ErrNoOpenIDEmailProvided{}, c)
|
if err != nil {
|
||||||
|
log.Errorf("Error getting userinfo for provider %s: %v", provider.Name, err)
|
||||||
|
return handler.HandleHTTPError(err, c)
|
||||||
|
}
|
||||||
|
|
||||||
|
cl2 := &claims{}
|
||||||
|
err = info.Claims(cl2)
|
||||||
|
if err != nil {
|
||||||
|
log.Errorf("Error parsing userinfo claims for provider %s: %v", provider.Name, err)
|
||||||
|
return handler.HandleHTTPError(err, c)
|
||||||
|
}
|
||||||
|
|
||||||
|
if cl.Email == "" {
|
||||||
|
cl.Email = cl2.Email
|
||||||
|
}
|
||||||
|
|
||||||
|
if cl.Name == "" {
|
||||||
|
cl.Name = cl2.Name
|
||||||
|
}
|
||||||
|
|
||||||
|
if cl.PreferredUsername == "" {
|
||||||
|
cl.PreferredUsername = cl2.PreferredUsername
|
||||||
|
}
|
||||||
|
|
||||||
|
if cl.PreferredUsername == "" && cl2.Nickname != "" {
|
||||||
|
cl.PreferredUsername = cl2.Nickname
|
||||||
|
}
|
||||||
|
|
||||||
|
if cl.Email == "" {
|
||||||
|
log.Errorf("Claim does not contain an email address for provider %s", provider.Name)
|
||||||
|
return handler.HandleHTTPError(&user.ErrNoOpenIDEmailProvided{}, c)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
s := db.NewSession()
|
s := db.NewSession()
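Review bot: The UserInfo response is merged into `cl` inside the new `if cl.Email == "" || cl.Name == "" || cl.PreferredUsername == ""` block without checking that it describes the same subject as the ID token. OpenID Connect Core (section 5.3.2) requires the UserInfo `sub` to match the ID token `sub` exactly and the response to be discarded otherwise, so a comparison of `info.Subject` with the verified token's subject should come before `info.Claims(cl2)`; the token variable is declared outside this hunk. Both `context.Background()` arguments also detach the outbound call from the incoming request, so it is not cancelled when the client goes away; `c.Request().Context()` would bound it. A UserInfo failure now also rejects a login whose ID token already carried an email and lacked only `name` or `preferred_username`, which looks stricter than intended; logging and continuing in that case would keep the previous behaviour. HandleCallback starts and ends outside the hunk.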
|
||||||
|
|
|
@ -79,7 +79,7 @@ func GetAllProviders() (providers []*Provider, err error) {
|
||||||
func GetProvider(key string) (provider *Provider, err error) {
|
func GetProvider(key string) (provider *Provider, err error) {
|
||||||
var p interface{}
|
var p interface{}
|
||||||
p, exists, err := keyvalue.Get("openid_provider_" + key)
|
p, exists, err := keyvalue.Get("openid_provider_" + key)
|
||||||
if exists {
|
if !exists {
|
||||||
_, err = GetAllProviders() // This will put all providers in cache
|
_, err = GetAllProviders() // This will put all providers in cache
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
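Review bot: The error returned by `keyvalue.Get` is overwritten by `_, err = GetAllProviders()` in the `!exists` branch before anything inspects it, so a cache backend failure is indistinguishable from a cache miss. Checking it directly after the lookup, `if err != nil { return nil, err }`, keeps the failure visible; whether a later check exists cannot be told from here, because GetProvider continues past the end of the hunk. The `var p interface{}` line is also redundant, since the `:=` on the next line would declare `p` anyway.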
|
||||||
|
|